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INTERNET, INTRANET AND OTHER NETWORK 
COMMUNICATION SECURITY SYSTEMS UTILIZING 
ENTRANCE AND EXIT KEYS 

CROSS REFERENCE TO RELATED APPLICATIONS 
5 This application is a continuation-in-part of co- 

pending application Serial No. 60/100,462 filed September 
15, 1998; which is a continuation-in-part of appliction Serial 
No. 09/037,297 filed March 9, 1998; which is a continuation- 
in-part of application Serial No. 08/570,318 filed December 
10 11, 1995, now U.S. Patent No. 5,771,291. 

BACKGROUND OF THE INVENTION 

Most security programs for personal computers and 
networks rely upon simple user passwords and they are 
therefore vulnerable. There are two common methods for 

15 acquiring unauthorized access to a host computer- In the 

first method, the intruder improperly obtains and illegally 
uses the user ID and password of a valid user. The second 
method is to steal a valid user session in progress by 
switching the connection of the user to the thief s terminal. 

20 Without a method to verify the identity of the user, there is 
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little preventing an intruder from obtaining unauthorized 
access to the user's account through a purloined user ID 
and password. 

This lack of security has been a shortcoming of 
5 various corporate and other networks including the Internet 

and is one factor that has limited commercial use of these 
networks. 

One existing authentication system proposes to add a 
card reader to personal computers so that users can verify 

10 their identity with a user identification card, as shown in 

U.S. Patent 4,438,824, issued on March 27, 1W4. to C. 
Mueller-Schloer for an invention entitled "Apparatus and 
Method for Cryptographic Identity Verification". However, 
few users will spend the time and money to install an 

15 expensive card-reader. Furthermore, user identification 

cards have very limited storage and usually store a short 
identification key. Therefore, the same short identification 
key is used during most if not all authentications. 

United States Patent 5,371,792, entitled CD-ROM 

20 DISK AND SECURITY CHECK METHOD FOR THE 
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SAME issued on December 6, 1994 to Toshinori Asai and 
Masaki Kawahori, relates to CD-ROMs for television game 
devices. The purpose of the security check is to prevent 
unlicensed CD-ROM disks from being played on a Sega 
5 game machine. The CD-ROM disk identifier disclosed in 

this patent is not unique to each individual CD-ROM disk, 
but instead merely indicates a kind of the CD-ROM disk. 
All CD-ROM disks of the same type have the same disk 
identifier. In the patent, two kinds of identifiers, . 
10 "SEGADISKSYSTEM" and "SEGABOOTDISC are 

described. The security code indicates that the CD-ROM * 
disk is duly licensed and also contains a program which 
generates a message displayed on the user's monitor that 
the disk is licensed. 
15 There have been numerous patents issued for 

integrated circuit cards and other computerized portable 
security devices. For example, Beitel et al., U.S. Patent No. 
4,430,728, employs a physical security key which is coupled 
into a connector provided for it at a remote terminal. The 
20 key has two access keys which are required to access the 

3 
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central computer. This invention, like the Mueller-Schloer 
'824 credit card device, requires special hardware to be 
added to computers and requires costly security keys. 
Locking the terminal does not prevent intruders from 
5 procuring unauthorized access on public networks, since the 

intruder can use another terminal elsewhere. 

SUMMARY OF THE INVENTION 

The object of the present invention is to provide a 
practical and effective security system for secure remote 

10 terminal or terminal emulation or computer access to a host 

computer. This is accomplished by using ultra long 
passwords and/or ultra large databases of identification keys, 
i.e., by a CD-ROM disk or other portable large capacity 
storage medium containing a database of identification keys, 

15 long identification keys, or a combination thereof. The 

subsequent descriptions of the invention will be in terms of 
CD-ROM disks, although other portable storage media are 
contemplated for use, including Zip disks, floppy disks, 
digital versatile disks (DVD disks), Bernoulli disks, portable 
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hard drives (e.g. PGMCIA hard drives), and portable 
semiconductor memory units (e.g. PCMCIA memory units). 
The authentication system further includes a remote 
terminal with a portable large capacity storage medium 
5 reader or connector, and a communications device or system 

which connects the remote terminal to a host computer 
which has a large capacity storage medium. 

A microprocessor or logic circuitry may be added to 
the portable memory medium in certain applications to 
10 implement additional security features or user features. 

Moreover the system of the present invention may be 
incorporated into a portable electronic devices. 

In accordance with the invention, the new security 
system may utilize one or more CD-ROM disks, other 
15 portable storage media, other storage devices including 

redundant arrays of inexpensive disks and hard drives, or 
any hybrid thereof containing databases of the user 
identification keys. 

The invention also contemplates encryption and other 
20 security methods for authenticating the identity of users. 
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Specifically, an enhanced security system entails the use of 
separate entrance and exit codes at the beginning and end 
respectively of the communication session, along with 
multiple authentication codes during each session, as 
required for super security. The invention also includes 
means for the tagging or identification of attackers who 
attempt to penetrate the new system; a programming means 
for such tagging or identification may be implemented on 
the portable storage media, in the central computers 
(servers) of the new system, or both. 

DESCRIPTION OF THE DRAWINGS 

Fig. 1 is a schematic diagram of an exemplary 
preferred embodiment illustrating the various steps required 
to practice the fundamental security system of the present 
15 invention, as well as illustrating the components which 

comprise the required hardware and software of one CD- 
ROM-based implementation of the fundamental system 
itself; and 

Fig. 2 is a schematic diagram of an alternate 
20 preferred embodiment including a double-sided key or 

password. 

6 
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DETAILED DESCRIPTION OF PREFERRED 
EMBODIMENTS OF THE INVENTION 

In general, the new and improved security system of 

the present invention provides individual users with what are 

characterized as "ultra long identification keys" which are 

embodied on a physical object such as a CD-ROM disk 

which is provided to the authorized individual user. By 

"ultra long" it is contemplated that the individual user code 

will comprise at least 20 characters or digits (requiring 20 or 

10 bytes, respectively) of information as a bare minimum (it 

being understood that the typical password employed for 

consumer credit cards and the like is 16 characters), 

although the use of a CD-ROM disk "key" enables even 

passwords of hundreds of characters to be readily employed. 

The following describes the use of CD-ROM disks as 

the portable storage medium; however, it is to be 

understood that the use of other portable storage media in 

lieu of CD-ROM disks is within the scope of this disclosure. 

The initial step in the new security method is to 

generate individual user access codes for each and every 
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contemplated user who is to be granted authorized access to 
a network or a database or source or repository of 
information which is desired to be protected and which is 
stored in or in conjunction with a ,, home ,, server or base 
5 computer. The individual user access key codes are 

generated using algorithms or circuitry or combinations 
thereof which may be optionally provided with means to 
generate individual encryption keys as well, in accordance 
with well known methods and industry standards for 

10 generating encryption key codes. It is of course to be 

understood that in accordance with the principles of the 
present invention, the individual access key code is "ultra 
long" and is of a length that is otherwise too long and too 
cumbersome to be conveniently typed into a system by an 

15 individual. 

A central registry or other compilation of all of the 
individualized user access codes is established and is 
optionally encrypted for loading on the home or main 
computer terminal or server on which the secured database 

20 is to be located or in association with which the server is to 
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function as. a security mechanism. As a parallel to this step 
of the development of the security system, each of the 
individualized user access key codes is separately recorded, 
for example by ganged optical recording machines of the 
5 type known to the art for recording information onto CD- 

ROM disks. Each disk is in the form of a "CD-ROM key" 
which is individualized for a particular end user (for 
example, a customer of a catalog sales organization, a user 
of a secure database, a customer of a financial institution, 
10 etc.). 

At this stage of the establishment of the system there 
is a complete registry of "ultra long" identification key codes 
stored in a server and there is a distribution of the physical 
CD-ROM disk keys to authorized individual users who are 
15 to be provided access to a database. 

In order to provide authorized access to an 
authorized user of the database or "transaction program", 
the user at his remote personal computer terminal which is 
equipped with a CD-ROM reader, loads the CD-ROM disk 
3 into his computer and logs onto an access program or user 
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program (which may optionally be recorded on the CD- 
ROM disk as well). The user program then transmits the 
user's individual access key code (which optionally may be 
encrypted) over a communication network or over a 

5 telephone network to the host computer or server, which 

will be appropriately programmed to check the user's access 
key code against the registry of stored authorized individual 
user access key codes. The server program will further 
include the requisite steps to interdict and end any attempt 

10 to gain access to the server or transaction program through 
a transmitted access code which is not stored in the 
database of authorized individual user access key codes. 
The server program will disconnect and may optionally 
inform the user that an unauthorized key access code has 

15 been transmitted. 

Alternatively, and assuming the CD-ROM disk was 
proper and contained an authorized access key code, the 
communication between the user's remote computer and the 
host server will continue with the host computer's program 

20 including steps to grant access to the user's program and 

10 
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begin the session. As explained hereinafter, the host 
computer program or server program and the user program 
may optionally encrypt the session using the user's 
encryption key or keys, which are also stored in the server's 
database and on the individual user's CD-ROM disk. The 
optional encryption might also include encryption keys which 
are stored on the user's CD-ROM disk key. 

At this stage, access to the secured database or 
"secured server transaction program" can proceed with the 
authorized user communicating through his own personal 
computer with the host server to conduct whatever 
"transaction" he may wish to effect, ranging from the simple 
ordering of merchandise, to the conduct of financial 
transactions, to conduct of research into a secured database, 
or any other type of two-way communication which is 
capable of being conducted between a remote computer 
terminal and a host computer over a communication 
network or a telephone network. It is to be understood that 
a level of security heretofore unavailable to remote 
consumers communicating with a host computer is provided 

11 
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by the new system which utilizes ultra long identification key 
codes typically impressed upon or otherwise recorded upon 
"large keys" in the form of a CD-ROM disk or the like. 
The ultra long identification keys are checked and approved 
5 through databases of such identification keys which are 

stored in a remote host computer or server. 

Security may also be enhanced by providing multiple 
keys or a database or table of keys (which may be a one- 
time pad of keys) on each user's CD-ROM disk. 

10 The user program may provide the keys in sequence 

or according to a pre-arranged pattern or algorithm, or from 
a location requested by the server. The server might 
request the keys in sequence or from random locations: i.e. 
in a random order, or according to some other algorithm. 

15 It is important to note also that the user program may 

provide or the server may request more than one key or 
multiple keys at different times during the session. As 
hereinafter described, the use of a one-time pad of keys also 
insures that no key is transmitted twice; hence intercepting 

12 
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or decrypting a key will not allow an attacker to gain access 
to the system. 

In some applications, the key generation algorithm 
will run on the server itself or even on the users' computers; 
5 in the latter case, means to avoid generating duplicate keys 

is required (e.g. by a randomization function in the key 
generation algorithm or circuitry, plus a check for duplicate 
keys whenever a new key is added to the database). 

Numerous other variants will also readily be. apparent 
10 to those skilled in the art. 

In a preferred embodiment, each user is issued a 
unique CD-ROM disk containing one or more unique 
identification keys. An individual user inserts his CD-ROM 
disk "key" into a computer connected via a network or other 
15 communications device to a host computer; also referred to 

herein as a server. An access program on the CD-ROM 
!, key" connects to and forwards the unique identification key 
from the CD-ROM disk key to the host computer in 
encrypted form. A security authentication program stored 
10 on the server then decrypts the identification key, compares 

13 
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the identification key with an identification key from the 
database of user identification keys located on a large 
capacity storage device connected to the host computer, and 
verifies the user's identity. The host computer or the user's 
5 access program may include a program or routine which will 

also demand that .the user type in a password. If the 
identification key matches the identification key in the host 
computer's database of user identification keys and if the 
user enters the correct password, the host computer, through 
10 its programming, will grant access to the user. 

The host computer (server) may be further 
programmed to require or challenge the user's remote 
access terminal program to re-authenticate itself at regular 
intervals or from time-to-time during the communication 
15 session. Or, the user's program may so reauthenticate itself 

and the host computer may be programmed to expect such 
reauthentication. This helps defend against attackers who 
try to capture an identification key en route to the host 
computer or who misappropriate or steal a user's 
20 connection. Unless an attacker has the user s unique CD- 

14 
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ROM "key", he would be unable to use his unauthorized 
access for longer than the time between requested re- 
authentications. Means to insure that an intercepted 
identification key or message cannot be re-used by an 
5 attacker are discussed below. 

Similarly, the user's program may require the host 
computer (server) to reauthenticate itself at regular intervals 
or from time-to-time during a communication session. Or, 
the server program may so re-authenticate itself and the 
10 user program may include code to expect such re- 

authentication. This helps defend against attackers who 
attempt to impersonate the host computer (server). 
Alternatively, the host computer and remotely accessed 
terminal program may request or expect identification keys 
15 periodically from each other. 

It should be noted that such re-authenticaition may 
optionally be required at critical points in a communication 
session, e.g. to complete a transaction or to access a 
database. Such reauthentication may be required before, to 
20 initiate the action; or after, to validate the action; or both. 

15 
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To insure that an intercepted identification key or 
message cannot be re-used by an attacker, defensive 
methods have been developed including the use of multiple, 
different identification keys; encrypting the identification 

5 keys or messages, ideally by time-dependent means, e.g. by 

combining the identification keys with time-of-day 
information, then encrypting. 

Another defensive method for authenticating a user 
to the host computer and the host computer to the user 

10 with the identification keys is the exchange of identification 

keys one digit at a time. In a typical implementation of this 
method, the user's access program (running (in the user's 
terminal or computer) transmits the first digit of its 
identification key to the host. The host computer 

15 determines whether the digit transmitted was correct. If the 

digit is correct, the host computer transmits the first digit of 
its identification key to the user's terminal or computer. 
The user's access program determines whether ihe digit 
returned by the host is correct. This process continues until 

20 either the user program and host computer have given each 

16 
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other all the digits of their respective identification keys or 
until an incorrect digit is received by the host computer or 
user's access program. 

Any attempt by an attacker to mimic either the host 
5 computer or the user terminal or computer most probably 

will fail on the first digit; if so, the attacker will get only one 
digit of the user password or host computer password. 
Thus, this technique provides additional security against 
"man in the middle" attacks aimed at illicitly obtaining a 
10 user or host password. Alternatively, several digits of the 

identification keys may be exchanged at each iteration, or 
single bits can be exchanged at each iteration, etc. 

Although individual identification keys are 
contemplated, in some applications, some or all of these 
15 identification keys may be shared among a class or subclass 

of users. 

In another embodiment, the host computer is 
programmed to send an encryption key to the remote 
terminal. The terminal program executing on the remote 
20 terminal uses the encryption key to encrypt the unique 

17 
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identification key on the CD-ROM disk. Then the 
encrypted identification key is sent to the host computer for 
verification. If the encryption means is a public key 
encryption algorithm with a sufficiently long key, a third 
5 party would have great difficulty extracting the unencrypted 

identification. A variation to this method is to have part of 
the encryption key contained on the user's CD-ROM '"key" 
with the other part sent from the host computer. The host 
computer always has access to a complete database of all 

10 the encryption keys and identification keys. Without the 

portion of the encryption key from the CD-ROM or host 
computer, the remote terminal program is unable to decrypt 
messages. If the encryption key from the host computer is 
varied with time, selected randomly, or unique to each user 

15 session, the user's computer will essentially never transmit 

the same encrypted identification key twice. 

The remote terminal program may pad the 
identification key with random, null, or nonsense prefixes or 
suffixes or interpolated characters. To help insure that the 

20 same identification message is not sent twice, the encryption 

18 
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algorithm is preferably provided with good diffusion 
(wherein a change in any character in the plain text changes 
many or all of the characters in the encrypted text). The 
pad will preferably be specified by the host computer so 
5 that previously used encrypted identification keys do not 

repeat. 

The pad may vary in a pre-determined manner with 
time. For example, the pad may be the day, hour, and 
minute clock. The host computer will then be programmed 
10 to check that the pad is correct based upon the day, hour, 

and minute. The pad may also vary with each logon. 
Additionally, the user ID or user number may be padded as 
discussed above. 

In another embodiment, the encryption key is 
15 included on the user's CD-ROM key disk and is never 

transmitted. The remote terminal program may pad the 
identification key as previously discussed. The host 
computer will be programmed to look up the encryption key 
for the user's claimed identity in a stored database of 
10 encryption and identification keys. Then the host computer 

19 
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will decrypt the unique identification key, remove the 
padding, and compare the decrypted key with the key 
retrieved from the host computer database, thereby verifying 
the user's identity. Again, when the encryption algorithm 
5 has good diffusion, the added characters will insure that the 

user's computer will essentially never transmit the same 
identification key twice. 

In another embodiment, the central server selects the 
encryption key of the moment from a table or database or 
10 pad of keys on the user's CD-ROM: a copy of the table 

being in the central server. This avoids transmitting the 
encryption key over the connection; all that is- transmitted is 
which entry in the key table is to be used, not the 
encryption key itself; alternatively, the key may be selected 
15 by means known both to the server and user programs. 

These keys may also optionally be used to encrypt important 
information transmitted. 

In another embodiment, the user's terminal program 
encrypts an authentication message, such as the user's 
20 identity, plus a varying padding, such as a random padding 

20 
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or a predictably varying padding, such as the date and time, 
again using a key or encryption means unique to the user 
and stored on the user's CD-ROM or portable storage 
medium. The central server program looks up the 
appropriate key or encryption means for that user, decrypts 
the message, and .checks the contents, thereby authenticating 
the user. A yet further alternative is for the user's terminal 
program to generate the authentication message by 
encrypting a predictably varying message, such as the time 
and date, again using encryption means unique to the 
individual user. 

In another embodiment, the remote terminal 
transmits to the host computer a plain text or encrypted 
user ID or identification key from an identification key 
database on the user's CD-ROM key. A second encrypted 
identification key is sent from the remote terminal to the 
host computer. The first identification key is used by the 
host computer to look up a unique encryption key for that 
user. The second identification key is then decrypted using 
the unique encryption key and the user's claimed identity. 

21 
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If the decrypted identification key is correct, the user s 
claimed identity is then verified. The encryption key is 
never transmitted since both the remote terminal and the 
host computer have the encryption key stored locally. 
5 In addition, other parts of the transmission* or the 

entire transmission or session may be encrypted using a 
unique user-specific encryption key or keys on the user's 
CD-ROM disk. When the server is aware of the user's 
identity, it will look up the key in its own table: hence the 

10 key need never be transmitted between user and server or 

vice-versa. Again, techniques such as padding would 
typically be used. This embodiment not only provides 
additional security, it also is another way to authenticate the 
user's remote terminal program to the host computer. An 

15 "impostor" computer posing as the user terminal would lack 

the user's unique key or database of keys and would be 
unable to encrypt the user's messages to the host computer, 
and would be unable to decrypt the host computers 
messages. In addition, this embodiment also securely 

20 authenticates the host computer to the remote terminal 

22 
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program. An "imposter" server would lack the database of 
user encryption keys and would be unable to decrypt the 
remote terminal's messages and accordingly would be unable 
to respond plausibly to the remote terminal 
5 Alternatively, a one-time pad stored on both the 

user's CD-ROM disk key and the host computer may be 
used as the encryption means or key to encrypt the user's 
identification key to provide additional security. After 
receiving the encrypted identification key, the host . computer 
10 is programmed to look up the one-time pad under the 

user's claimed identity in a database of one-time pads. 
After decrypting the identification key, the host computer 
will authenticate the user's identity. 

Alternatively, a one-time pad of unique identification 
15 keys may be stored on each user's CD-ROM key disk. The 

central server would then demand a new key eveiy time, 
and verify the new key against its own copy of that user's 
on-time pad of ID keys. 



23 
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Both one-time pad arrangements also avoid 
transmitting the same user authentication key or message 
twice. 

Furthermore, the one-time pad can be used to 
5 encrypt other important information communicated. For 

example, with use. of a 250 kilobyte user-specific one-time 
pad (e.g. in conjunction with a consumer catalog) to encrypt 
the user's credit card number, assuming that one byte is 
used to encrypt each digit, then a sixteen digit credit card 

10 number would use 16 bytes of the 250 kilobyte one-time 

pad. Assuming the user performed ten transactions a day, 
the 250 kilobyte one-time pad would last more than four 
years. Note that, optionally, different one-time-pads may 
be used for identification keys and for encryption keys. 

15 The central server can keep track of which one-time- 

pad keys have been used to prevent re-use. If the user's 
portable storage medium is writable, the user terminal 
software or access software may be used to keep a usage 
record or table or usage sequence number on the portable 

20 storage medium, or the user program may overwrite the 
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keys that have been used or set a flag bit or field associated 
with the keys that have been used. If the user only accesses 
the server from the one terminal, the user program may 
keep a usage record or table on the user terminal, e.g. on 
5 the hard drive. 

Preferably,, usage records may be kept in both the 
central server and on the user's portable storage medium or 
terminal, and any discrepancy between the usage records on 
the user's portable storage medium or terminal and on the 
) server would suggest an attempt by a third party to illicitly 

gain access. Such a discrepancy will be indicated by any 
attempt by either the user program or the server to re-use a 
one-time-pad key or one-time-pad entry that has already 
been used with the server or user program respectively. 
Such a discrepancy will also be indicated by any attempt to 
use a key or pad entry out-of-sequence or any other "out- 
of-synch episode". 

Thus, the server program (or user program) may 
assert that a particular key has been used (e.g. during an 
attempt by an imposter to gain access) even though the user 
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program (or server program) did not know that that key 
had been used. However, an attacker might try to mimic 
the server (or user) program, falsely claim that keys have 
been used, and thereby deplete the user s (or server s) 
5 one-time-pad of keys. To avoid this, the user (or server) 

program may optionally demand that the alleged server s 
program (or alleged user s program) provide one or more 
of the keys that it claims has been used. Alternatively or 
in addition, other authentication means as herein described 
10 or as are well-known to those skilled in the art may be 

used. 

If the portable storage medium is not writable (as 
with conventional read-only CD-ROM disks), the user 
program cannot record on the portable storage medium 

15 which keys have been used. If only the central server 

keeps track of which keys have been used, an attacker might 
attempt to impersonate a server to the user program and 
request that the user program utilize a key that has already 
been used. There are several ways to eliminate this 

20 potential problem. 
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First, as previously mentioned, if the user only 
accesses the server from one terminal or PC or workstation, 
the user program may keep a usage record on the user 
terminal or PC or workstation; said record might typically be 
5 a small file or cookie or like stored on the hard disk drive. 

If the user accesses the server from only a few terminals or 
PCs or workstations (e.g. from a PC at the office and a PC 
at home), the user program can keep a separate usage 
record on each, and operate from different areas of the 
10 one-time-pad of keys, depending on which machine is being 

used. Thus, the user program would typically inform the 
server program which machine is being used, hence which 
area of the key pad is being used. 

If the user utilizes his non-writable portable 
15 storage medium to access the server from any number of 

terminals or PCs or workstations, it eventually becomes 
impractical to allocate ian area of the key pad to each. 
The user program cannot keep a record of which keys have 
been used on the nonwritable medium; therefore, it has no 
20 memory between sessions of which keys have been used. 
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However, it can keep track of which keys have been used 
during a session; e.g. it can keep a sequence number during 
a session in RAM. Thus, the user program must 
authenticate the server at the beginning of the session and 
5 concurrently get a correct sequence number or a pointer to 

an unused area of the key pad. (One way to do the latter is 
for the server to mathematically combine the sequence 
number with the authentication number or with a second 
authentication-type number, e.g. by addition. The. user 

10 program independently calculates the authentication number 

and then obtains the sequence number, in this case by 
subtracting.) The main challenge is to authenticate the 
server; to do this, the user program typically generates a 
request to the server that differs at each sign-on and that 

15 requires the server to have a copy of the user's keypad. 

There are many ways to do this. 

One of our techniques is to have a table of 
different initiation keys for different times. This is doable; 
for example, a separate one-time-pad of 20 digit (10 byte) 

20 initiation keys for each 5 minutes over a 3-year period 
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requires 315,360 keys or 3,153,600 bytes, which is less than 
0.5% of a 650 Mbyte CD-ROM disk. Providing a different 
key for each minute for 3 years would require less than - 
2.5% of a 650 Mbyte CD-ROM disk. As an aside, the user 
program might optionally assert a clock time to the server; 
the server might optionally accept it if it is within a 
tolerance and does not correspond to a previously used 
time. Another option, if the time did not match, would be 
for the server to check the keys in the immediate . 
neighborhood, again staying within a tolerance and rejecting 
any key that has been previously used. 

Another technique for initial authentication of the 
server in the non-writable portable storage medium case is 
for the user program to generate a request for a key from a 
15 random location or address in the server s copy of the 

keypad. A single random number can be uenerated in anv 
number of ways; one way is from the exact timing of one of 
the user's keystrokes. Alternatively, the user program can 
generate an address based on the time and date, or based 
20 on the process identification number (PID) for the program, 
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or from any number of other non-repeating numbers. In a 
preferred implementation, we set aside a separate table of 
initiation, keys; and use a relatively small fraction of them, 
so as to minimize the chances of requesting a key that has 
5 been requested before. We derive an address in the key 

table from a random number, or we use a hashing function 
calculate an address in the table from the time-and-date or 
PID. We also allow a second or third (or a very limited 
number of) further choices if the server determines that a 
10 key has already been used. We may optionally further 

choose to have the user program request more than one 
key. 

Yet another technique is for the user program to 
request a checksum or check-function calculated from a 
number of keys from different addresses in the server's copy 
of the keypad. Only the checksum or check-function is 
transmitted; the actual keys are not transmitted. The user 
program uses one or more non-repeating numbers as 
described in the previous paragraph to generate the 
addresses of the keys requested or to decide which keys to 
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request. In one preferred implementation, we again set 
aside a separate table of initiation keys; and use a re,atively 
small fraction of them. The user program uses several 
random numbers derived from the exact timing of .several of 
the user's keystrokes to select several 20-digit keys to 
request. The server sums those keys and forwards the 
lowest 20 bits of the sum to the user program. For an 
attacker to counterfeit this check-function, two conditions 
must be met. First, all of the keys must have been used 
before; if even one of them is new, and the keys are 
random, the result is a random number. Second, the new 
checksum must be calculable from the checksums in which 
the keys were previously used. The probability of both 
conditions being met can be made vanishingly small. 

In addition, one may optionally use a check-function 
that depends upon the order of its arguments. 

Note also that combinations or hybrids of the above 
techniques can- be used. For example, a check-function 
may be calculated from a table entry from the current 
time-and-date, plus random or quasi-random keys from the 
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past; note that the present key has never been used and 
most of those past keys will also never have been used. 

Yet further techniques for initial authentication of 
the server in the non-writable portable storage medium case 
5 will readily be apparent to those skilled in the art. 

For any of the aforementioned user identification 
techniques, the terminal program and/or the host computer 
also may optionally be programmed to demand that the 
user enter by typing (through a keyboard) a password 
10 previously specified. The individual user s password may 

optionally be stored on the user s CD-ROM or other 
portable storage medium, in which case the terminal 
program compares said stored user password with the 
password entered by the user. Essentially, the user 
authenticates himself to the portable storage medium and 
the user terminal program, which in turn authenticate the 
portable storage medium to the host computer. 
AJternatively, the user s password may be stored on the 
host computer, and the host computer s program compares 
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•he use, s stored password M . th (he pajsword ^ 
the user. 

All of , he above-described encryption methods can 
a.so be used to encrypt taportam informatj()n ^ 

All of the above-described authentication methods 
can also be used to reverse ,o authenticate the host 
computer ,o the remote tenntoa. program, as win he readily 
understood. 

The most secure encryption techniques, such as pubhc 
key encryption, can take up to 1000 times ,„„ g er ,„ m 
than more routine encryption methods, unless a 
special-purpose processor for «he particular a. g „ riI „ m „ 
added ,o the user, computer. One method to increase 
speed is to use ,he most secure means ,„ encrypt onlv the 
most sensitive ponions of ,he transmission and use faster 
encryption methods for .ess critica. ponton, ()f lne 
transmission. Because of the ,arge capacity „„ d S p ecd (>t . 
CD-ROM, . databases or pads of encryption keys f„ r cach 
encryption method and host computer can be easilv m „ a 
-d accessed. Portions of the transmission that are common 
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and do not need to be protected can be transmitted as plain 
text. Repeated text or graphics which all users will view can 
optionally be stored on the CD-ROM to decrease the 

amount of information transmitted from the host computer 

to the remote terminal. 

A special encryption device may be attached to the 
host computer in order to expedite encryption and 
decryption of transmitted data. Since the host computer will 
most likely service many users, the encryption device should 
prove economical when amortized over the large number of 



users. 



The cost of having extremely large keys and 
databases of keys is the cost of the space on a CD-ROM 
which is not available for other information and the space 
needed to store these keys on the computer host. Since the 
cost of producing CD-ROM disks is modest, the use of CD- 
ROM disks has become quite economical. Thus the new 
authentication system of the invention is more economical 
and more effective than the prior art systems. 
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^c 0 s t of g e neratinglhekeys . afcMereffcct 
Note that one-time-pad entries for either authentication or 
option can he generated h y convention. a lg „, h , m , 0[ 

by specialized hardware s„rh a 

' SUCh as a hardware random 

n U mher g enera t or ;f or t heU, t e,one W o uld , vp ,,„ lvusea 
-tiorn Ph^ica, P roce SS , such as th£rma| n(nse drcuh 

noise or radioactive decav t n 

decay to generate the random bits or 

digits or numbers. We ako ,™ 

3,SO Comei "P'ate using one-time-pad 

entries or hardware-generate - * 

generated random numbers ,„ hn 

a ' SOri,hm " e ,mP, ~<' -ftware or in lwrd _ 
(e. g . a s P eeia,- purpose processor) ^ fa ^ ^ ^ ^ 

' WO;a — f -^— ns retire h,r g e numher, 

°f keys for each user w,- m „ 

«r, we may op,, ona „ v im p kmcm p ,., r , <ff 

° f ° Ur ^ Horttan. in hardware. 

A ye. farther ahernahVe is t0 gcnermc „ ^ _ 

' ermina ' Pr ° 8ramS ^ » are needed. t , us , ni! 
»ne-.ime pads or other encryption means on the user's 
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portable storage medium; this avoids generating keys that 
may never be used. This is of particular utility when (for 
example) random numbers for one-time-pads are cheap and 
easy to generate, and the keys in question (e.g. using a 
5 product of two large prime numbers) is expensive or more 

difficult to generate. 

Additionally, a user's CD-ROM key according to the 
invention may contain different identification keys or tables 
or databases of identification keys for use with different 
servers or to provide access to different databases or 
services on any individual server. For example, in an 
application wherein several catalogs of different vendors 
contained on or accessed by one CD-ROM key, different 
databases of identification keys and encryption keys would 
be allocated to provide access to each vendor's host 
computer or database. 

Also, a user's CD-ROM key according to this 
invention may contain different identification keys or tables 
or databases of identification keys to provide different levels 
of access to one or more host computers. Or, the host 
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computer may be programmed (o gram diffcren[ ^ 

network, ,„ e president CD-ROM key woukj a ram 
maX ' mUm '° a " info ™-'°n on lne „os, computer 

while a clerk's CD-ROM key would only gram limited access 

•o spec"* da,a. «- a consumer applfcaIi<m . 

Afferent consumers might have differem ^ ^ ^ 

on the CD-ROM or, prefer a biy , wou|d „ e ^ ^ ^ 
da.abase on the host computer. 

" W '" a ' SO bC •■*»-» a sing,e author.*..,.™ 
server or set of au,hori 2ati o n servers can he used ,„ 

single server or set of servers for 
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ease of updating, althnuah 
it could be kept on the users' portable storage media (e ^ 

user's CD-ROM disk) or on the central computer 
(server) or divided between the two. 
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If the user program contacts the other servers 
directly, the other servers can access the single server or set 
of servers to obtain the authorization; alternatively, the user 
program might contact the other servers through the single 
5 server or set of servers (e.g. if the authorization server 

function is implemented by an Internet service provider's 
server). 

If a single server or set of servers is used to 
authorize access to other servers or to different databases or 
10 servers, new servers or databases or services can be 

authorized for a given user by simply updating the table of 
what is authorized for the user. Typically, the table or the 
portion of the table being updated would be in the single 
server or set of servers. However, if the user's portable 
15 storage medium is writable, an authorization table on the 

portable storage medium could be updated in the same 
fashion. Thus, the user will be able to use an existing CD- 
ROM or other portable storage medium to access new 
servers, databases or services. 
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It is also desirable ,o allow existing CD-ROM keys ,o 
be used ,o access new servers or databases or servers when 
.he different host computers authorize access, as an 
alternative to or in lieu of referring access requests to a 
* central server or se, of servers per above. To do so. each 

CD-ROM .disk would include identification keys or tables or 
databases of identification keys tha, are initially no, assigned 
to any server or database or service. These would then he 
assigned later ,o access new servers, confers, program., 
databases or information functions or services. This 
arrangement averts the need for distributing new CD-ROM 
disks whenever a new server is added. 

Information about the new server <)r dataha . sc or 
service, such as is name,, network address, and telephone 
number, along with the identification of the database of kevs 
on the CD-ROM disk assigned to the new server must he 
added to the user's access program . F()r „ amp|e ^ 
keys or key able, or one-time-pads of keys are already 
assigned ,„ existing servers, the 201s. key might be assigned 
•o a new server. This information would be included (ir 
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either encrypted or unencrypted form) on an update floppy 
disk or other portable medium, posted on a bulletin board 
or server, or updated automatically by the remote terminal 
access program during a subsequent communication session. 
5 Such information is typically the same for all users being 

granted access to the new server. If the user key 

is on a writable portable storage medium, the update 
information would typically be written directly to the 
portable storage medium. 

If the portable storage medium is not writable, as 
with a conventional CD-ROM disk, the user's access 
program would typically store the update information for the 
new servers in a small file on the user's hard drives. If the 
users have a writable CD-ROM drive, the information could 
be added to the CD-ROM disk key. If the information 
about each server comprises no more than 50 characters, a 
10 kilobyte disk file could contain information on at least 
100 new servers. A file a few megabytes in size would allow 
a short description of each server. 



10 



15 



40 



10 



WO 00/56009 PCT/USOO/07174 

Eventually, the new servers would be included on 
updated CD-ROM disk keys distributed to all users. 

Informational, transactional, and promotional 
databases and services are all of ever-increasing commercial 
5 interest. Access can be controlled, verified, or tabulated by 

the CD-ROM key of the invention. In addition, the 
individual CD-ROM disks may be provided with all or 
portions of these databases. The portions of the databases 
that change infrequently might be encoded on the users- 
CD-ROM disks and updated when new disks are produced, 
whereas variable portions might typically be stored on the 
server. 

The response speed of the user authentication system 
may be increased if the server or host computer being 
accessed begins the communication session in parallel with 
checking the user identification key from the user program 
against the database of user identification keys to authorize 
the user. This may be advantageous if the database of keys 
has a slow response time, e.g. during peak usage hours. It 
may also be advantageous if the server or host computer 
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being accessed must take the time to contact another server 
or set of servers to check the database and obtain 
authorization, as discussed hereinbefore. 

In such a case, it may be advantageous for the host 
5 computer being accessed to run a fast key-check algorithm 

to check whether the user identification key is a valid key, 
and whether or not it belongs to the particular user. In 
some applications, the server being accessed could use this 
validity check and then grant a provisional or limited access, 
10 pending checking of the user identification key against the 

database. 

In addition, in certain applications, provisional 
initiation of the transaction upon receipt of a valid 
identification by the host computer might be permitted, but 
15 the transaction is completed only when the ID is verified in 

the server's database. This arrangement further improves ' 
response time for the user and reduces the speed 
requirements on the storage means. For example, a credit 
card transaction could be started upon receipt of a valid ID 
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but not completed until after the ID h-,, k 

me iu has been checked with 

the database and approved. 

In one such key-check technique, the CD-ROM key 
of the invention may contain both unencrypted and 
encrypted versions o, one or more identification kev, The 
enctyption is done . before or as the disk is imprinted usjng . 
key and encryption method unknown to the uscr an(J ^ 
encryption means that are ideally unknown «, Inc usc , For 
user authentication purposes, me host compute, which has 
the key, would be programmed to demand both the 
unencrypted version of the identification key and the 
encrypted version of the key. The hos, computer then 
-aid be programmed ,o decrypt the encrypted version of 
■he key and compare it with the unencrypted version. ,f lh e 
-0 keys are the same, then the user idemificu.ion key is 
virtually certainly a valid key. For example, if Ihc 
encryption were the inv£r3e Q[ a ^ ^ 

encryption, ,he public key would be held by the host 
computer only (and the inverse or private key would be 
held by the disk maker only). An intruder would have to 
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generate a counterfeit identification with the corresponding 
encrypted version, which would require the inverse or 
private key. Obtaining the key would be virtually 
impossible, even if the would-be counterfeiter obtained huge 
numbers of different user disks. Since the server does not 
have the private key, even illicitly accessing the server would 
not allow a counterfeiter to make new counterfeit user 
identification keys. Accordingly, counterfeiting of valid user 
identification numbers cannot be done. 

A further security measure includes appending the 
encrypted version of the identification key to the 
unencrypted version to form a single longer key. 
Alternatively, the final key may comprise two different 
encrypted versions of the unencrypted key. Alternatively, 
the final key may be a function of both the unencrypted 
version and of a parity, hash, encryption function, or other 
function of the unencrypted version. 

Such key-validity-check algorithms help protect 
against attempts to counterfeit or simulate user disks or 
portable storage media; they do not protect against the use 
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of stolen user disks or portable storage media , () ^ ^ 
leas, provisiona, or li mit ed access to ,hc server. 

One method to help protect against the use of st0(en 
user disks or portab.e storage tnedia ,„ gain m leas , 

5 Pr0ViSi ° nai ° r in .he above system is ,„ 

provide each server with a &, or database of known st()len 

keys; this database is much smaIler than ^ 

database of user keys; i, aiso can be checked more rapi d, v . 

Unlike a human user, the computer does „,„ make 
mistakes in entering an identification key. Accordingly, 
unless line disruption is indicated, the preferred softwn 
imp.emen,a,ion will disconnect the user after only „ 
attempt using any invalid CD-ROM identification key. This 
allows speedy rejection of attempts by attackers or other 
transgressors and avoids tying up thc systcm ^ ^ 
attempt, By disconnecting after one attempt, attackers 
cannot rapidly try multiple identification keys. 

The host computer's database of user identification 
key, is well protected against attempts to steal or copy it . 
Nevertheless, it is advantageous to protect against attempt* 
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to steal or copy the server's database of user identification 
keys or user access keys and thereby counterfeit or mimic 
the users' unique CD-ROMs. Accordingly, the server 
database of a preferred implementation of the invention 
5 contains an encrypted or otherwise altered version of the 

user identification keys. The server of the invention 
employs a trap-door authentication algorithm to compare 
the user ID or access key recovered from the incoming data 
stream with the altered version in the server's own database 
10 for that user's claimed identity. The trap-door 

authentication algorithm authenticates the user if and only if "~ 
the encrypted identification key in the server's database 
represents the same identification key as the one embedded 
or encrypted in the incoming data stream. The trap-door 
15 authentication algorithm is impractical to be used to. recover 

the actual identification key from the encrypted key in the 
host computer's database. Since the server database does 
not contain the actual identification keys, and the trap-door 
authentication function is of no help in recovering them, 
20 mere possession of the host computer's database is not 

46 



20 



WO 00/56009 

PCT/US00/07174 

sufficient to recover the identification keys. Thus, stealing 
or copying the host computer's database of identification 
keys will not allow a thief to counterfeit the users' unique 
CD-ROM key access disks and thus will not allow the thief 
5 to access the system as a legitimate user. 

One such trap door authentication algorithm is 
implemented as follows. When preparing the users- 
CD-ROMs and the database for the host computer, the 
users' unique identification keys are encrypted with, a 
10 difficult-to-decrypt long-key code. The encrypted key is 

copied into the host computer's database and the 
unencrypted identification key is written onto the user s CD- 
ROM key. In use, the host computer takes the 
identification key recovered from the incoming data stream 
from the user, encrypts it with the same means used to 
encrypt the database, and compares the encrypted key with 
the database entry for that user. If the keys are identical, 
the user is authenticated and access is granted. 

Another class of trapdoor authentication algorithms 
go directly from the encrypted version of the password 
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embedded in the data stream from the user to the other 
encrypted version in the server's database. Accordingly, the 
unencrypted version of the password never exists on the 
server and cannot be tapped or recorded by any illicit 
5 program or virus on the server. 

In a yet further embodiment, each CD-ROM key is 
provided with multiple databases of identification and 
encryption keys. The server or host computer is 
programmed to use or have access only to one database. 
10 The copies of the other databases on the user's CD-ROM 

are stored in a vault. If the host computer's identification - 
keys were ever stolen, the host computer can simply be 
loaded with one of the user databases from the vault and 
use the new identification keys. Since the user already has 
15 the new database of his new keys on his CD-ROM, there is 

no need to provide a new CD-ROM to all the users, and 
the thief remains locked out of the host computer. In 
addition, if only part of the server's database is copied or 
stolen, then only a portion of the database need be changed 
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and only the corresponding users' CD-ROM disks need use 
an alternative identification database. 

In one implementation, the server then simply 
requests the new or different keys from the users' program 
5 rather then requesting the previously used keys: the users' 

programs access a different location on the users' CD-ROM 
keys or portable storage medium keys. If the users have 
individual databases or one-time pads of keys, the users' 
programs then access a different database on the users* CD- 
10 ROM keys or portable storage medium keys. The server 

might also transmit a re-authentication code to access any "" 
key or database of keys or one-time-pad of keys. 

Preferably, a secure means to direct the users" 
computers to use a different database of identification keys 
15 on the CD-ROM is used. Any of the previously described 

authentication algorithms can be used for this purpose. One 
technique is for the server to encrypt by private key the 
message with a time-dependent pad. The user program on 
the CD-ROM then uses the public key. which is also stored 
20 on the CD-ROM, to decrypt the message, then checks that 
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the time-dependent pad is correct and switches to an 
alternate user ID or identification key database. The 
private key and the replacement database are given to the 
host computer at the same time. 
5 The host computer may be provided with multiple 

databases wherein. a specific combination is required to 
access any identification keys. For example, in one 
embodiment, one database contains a one-time pad and the 
other contains the database of identification keys encrypted 
10 using the one-time pad. A thief who stole or copied only 

the database would be unable to recover any keys. 

In corporate applications, where the user CD-ROM 
keys will be used only or primarily on the company's own 
computers, the change to another user ID can be made 
15 permanent by recording a word in a small file on the hard 

drive. Once the file is altered on all of the company's 
computers, the change is complete. This could be done at 
the next log-on for each user. 

In yet a further implementation, the host computer 
20 can use an array of inexpensive CD-ROM drives to store 
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the database of identification keys. Advantages of this novel 
CD-ROM array approach include that the cost per 
megabyte is comparable to or less than that of magnetic 
disk drives, and that a drive failure almost always leaves the 
5 recorded data intact. The CD-ROM disk can simply be 

changed to another drive. In addition, there is the security 
advantage that the written data is in permanent form. 

As an occasional delay in a transaction is tolerable, 
magnetic tape can optionally be used as a back-up. means or 
10 as a redundant storage means for use in regenerating data, 

or to store user keys or portions of the users' key tables or 
databases that are not yet needed. The storage means then 
comprises a fast storage means (e.g. CD-ROM disks or hard 
disk drives) that stores data that is apt to be needed in the 
15 near future, and a slow storage means with larger capacity 

and lower cost (the magnetic tape) to store keys that are 
not yet needed. 

The users' CD-ROM disks may also contain a 
network access program, encryption routines, and other data 
20 " and programs of utility to the users. 
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The portable large storage media may contain a read- 
only portion and a read-write portion, typically a write-once 
read-many portion or a write few, read many portion. (For 
the case of CD-ROM disks with writable portions, see, for 
5 example, the disks illustrated and described in U.S. patents 

5,287,335 and 5,206,063, the disclosure of which is 
incorporated by reference herein.) The read-only portion 
would typically contain programs or information common to 
many users, e.g. network access programs and/or encryption 

10 routines and/or other data or programs of utility to many 

users. For example, in consumer applications, the read-only 
portion might include catalogs, advertising, or other 
commercial information. The read-write portion or write- 
once read-many portion would typically contain the unique 

15 user access key codes and unique user encryption keys (if 

used) and any other information unique to the particular 
user. 

In a CD-ROM implementation, the read-only portion 
of the users' disks could be imprinted quickly and 
20 economically by pressing. The individualized portion, 
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typically a write-once, read-many portion, would then be 
quickly recorded on an appropriate recording CD-ROM 
drive. This approach may prove advantageous in a variety 
of high-volume applications. 
5 If the user's portable storage medium key according 

to the present invention is re-writable, the medium may be 
"recharged" with new keys. Examples of such media keys 
are semiconductor memory units or cards, rewritable CD- 
ROM disks, floppy disks, and the like. In one 
10 implementation, a user key comprising a portable storage 

medium with less capacity can be "recharged" from another " 
user key comprising a portable storage medium of greater 
capacity. For example, a user's memory card key could be 
re-charged from that user's CD-ROM key. Alternatively, a 
15 portable storage medium key can be re-charged at a secure 

computer, workstation, terminal, or facility. A yet further 
alternative is an exchange program wherein a user's used- 
up portable storage medium is exchanged for a re-charged 
or fresh storage medium with a new supply of keys. Other 
20 methods will be readily apparent to those skilled in the art. 
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Conventional authentication means or any of the 
authentication means of the invention can be used to insure 
that only the proper user with the proper storage key can 
re-charge same. 

5 Additionally, if the portable storage medium key of 

the invention is also used as a credit or debit disk or unit 
or card or the like, it may be re-charged with additional 
funds or the like. In addition, transaction information 
could be logged onto the portable storage medium, either 

10 as verification, or for later down-loading; e.g. if the card or 
portable storage medium is used with systems that do not - 
contact the server of the secure system of the invention; e.g. 
systems that are not connected to a network. 

The present invention may also be incorporated in a 

15 portable electronic device. The portable electronic device 

may comprise portable storage media for storing the ultra- 
long identification keys and/or a database or databases of 
identification keys or pads of same, and/or the user s 
encryption key or keys or database or databases of 

20 encryption keys, or pads of same. A microprocessor and/or 
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logic circuitry, hereinafter referred to as a microprocessor, 
may be incorporated in the portable electronic device. For 
many forms of memory IC, a simple microprocessor can be 
fabricated on the same IC at small or negligible cost. If 
5 the portable storage medium is a portable hard disk drive, 

the microprocessor or logic functions can typically be 
implemented by adding additional code or programming to 
the microprocessor already present in the hard disk drive: 
again the cost would be negligible. 
10 The microprocessor can provide additional .security 

functions: additionally, it can optionally implement any of "~ 
the functions that we have discussed as being implemented 
by a user terminal program or user access program running 
on the user's terminal or PC, and/or as contained on the 
15 user s portable storage medium. These include but are not 

limited to authentication, protocol, encryption, and other 
security functions. Advantages include off-loading these 
functions from the user's PC and thereby improving speed, 
simplifying the software, and providing additional assurance 
20 that these functions will be performed and not defeated, e.g. 
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by a rogue program or virus on the user's PC For 
example, the microprocessor may be used to keep track of 
which keys have been used, typically by writing to the 
portable storage medium, as hereinafter described. 
5 Conversely, any of the tasks described here as being 

performed by the microprocessor and/or clock of a portable 
electronic device may be performed by the microprocessor 
and/or clock of the remote terminal. 

Additionally, the microprocessor can be programmed 
10 to "re-charge" the storage medium with new keys, per above, 

including the relevant security precautions. Additionally, - 
the microprocessor can be programmed to log transaction 
information, per above, e.g. for stand-alone use in situations 
where the user uses the portable electronic device to 
15 conduct transactions without access to a PC. In many 

implementations of such portable electronic devices, the 
microprocessor will provide additional security to prevent 
unauthorized individuals or software from accessing or 
copying or using the identification keys on the portable 
20 storage medium. 
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For example, the microprocessor may be programmed 
to request a password from the user whenever the user 
attempts to access the identification keys on the portable 
storage medium. In order to access or use the 
5 identification keys on the portable storage media, the user 

must enter his or her appropriate user identification 
password. The user may enter the password through the 
remote terminal or a keypad on the portable storage media. 
In a preferred embodiment, the user s password is stored 
10 on the portable storage medium, in which case, the 

microprocessor is typically programmed to compare the 
user s stored password with the password entered by the 
user. 

The microprocessor may refuse access to the 
15 identification keys on the portable storage medium for a 

fixed period of time if an incorrect user password is typed in 
or if several incorrect user passwords are typed in 
consecutively. For example, the microprocessor may 
prevent access to the identification keys on the portable 
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storage media for an hour when three incorrect user 
identification passwords are typed in consecutively. 

The portable electronic device may further comprise 
a clock. The clock could be used, for example, to time the 
5 duration for which the microprocessor refuses access to the 

portable storage medium, as described hereinabove. 
Alternatively, the duration of refusal could be timed by a 
software timing loop or by keeping a running sum of the 
(known) execution times of each of the functions executed 

10 by the microprocessor. Clock circuits are inexpensive, and 

use little power. They can readily be powered for years by "* 
a small watch battery or the like. If the portable storage 
medium is a semiconductor memory, a clock circuit can 
readily be incorporated on the same IC as the memory and 

15 microprocessor. 

Additionally or alternatively, the microprocessor may 
disable access to the portable storage medium if multiple 
incorrect user passwords are typed in consecutively. For 
example, the microprocessor may disable access when ten 
20 incorrect user passwords are typed in consecutively. Re- 
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enabling the system might require human intervention from 
the central server or provision of a special password or 
erasure of the contents of the portable storage medium. 

Additionally or alternatively, the microprocessor may 
5 limit the number of passwords or one-time-pad entries 

accessed from the portable storage device in any pre- 
specified amount of time. This would prevent rapid 
copying of the identification keys stored on the portable 
storage medium. Again, a timing function, such as a clock 
10 or a software timing loop or running sum of execution times 

is required. 

For example, the microprocessor may be programmed 
to limit the number of identification keys or one-time-pad 
entries or the like accessed from the portable storage device 
15 in a given number of seconds, minutes, hours or days. 

Alternatively, the microprocessor could prevent accessing 
identification keys or one-time-pad entries at a rate taster 
than they would be used by the user's terminal program, or 
could prevent accessing one-time-pad keys at a rate faster 
20 than the maximum transmission rate between the remote 
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terminal and the host computer. Other desirable rate 
limitations will readily be apparent to those skilled in the 
art. 

Alternatively or additionally, the microprocessor may 
5 be programmed to output a time-dependent identification 

key or one-time-pad entry or the like; i.e. it may output a 
number that depends upon the time-of-day (including date) 
from the clock as well as upon the contents of the portable 
storage device. For example, the memory location or key 
10 accessed might depend upon the time-of-day, rather than 

the memory locations or keys being accessed in sequential 
order; i.e. the microprocessor selects the appropriate 
number or key from the portable storage medium based 
upon the current time. If desired, the microprocessor may 
15 combine the entry accessed from the portable storage 

medium with time-of-day information. For example, the 
keys could be added or concatenated and the result 
encrypted by the microprocessor and sent from the portable 
electronic device. Other time-dependent key techniques will 
20 readily be apparent to those skilled in the art. For any 
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time-dependent key technique, the host computer (server) 
would correspondingly be programmed to expect the result 
to be used as an identification key or as an encryption 
means; accordingly, the number outputted by the portable 
5 • electronic device would be usable only at the time it was 
obtained. 

The time-dependent key techniques can be used with 
any portable storage medium to produce keys that are only 
valid when produced; if the portable storage medium does 
not have its own local microprocessor, the above algorithms 
or similar algorithms can be implemented on the processor 
in-the user's terminal or PC. They can also be used on the 
host computer or server; with the above algorithms or 
similar algorithms being implemented by the server or an 
outboard microprocessor, possibly associated with the key 
storage means. Accordingly, the above time-dependent key 
techniques can be operated in reverse to authenticate the 
server to the user in addition to authenticating the user to 
the server. 
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Additionally or alternatively, the microprocessor may 
be programmed to access the portable storage medium only 
if the user terminal program is running on the user's 
machine. For example, the microprocessor can require an 
5 access protocol or password (possibly incorporating time-of- 

day information). . 

Additionally or alternatively, the microprocessor may 
be programmed to access the portable storage medium only 
if the user terminal is accessing the host computer. - For 
10 example, it might require an encrypted time-of-day function 

from the host computer. In addition to limiting access to ■•- 
the portable storage medium to legitimate requests, this 
authentication function would typically be made available to 
the user's terminal program. 
15 Additionally, the microprocessor may optionally be 

programmed to prevent unauthorized accesses to the 
portable storage medium while it is being shipped to the 
user or when it is otherwise not in the immediate possession 
of the user. One way is to program a time lock function 
20 wherein the microprocessor will not grant access for a given 
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time interval or until a specified date-and-time. If the unit 
is received before that time, the user knows that there have 
been no accesses and his keys are safe. 

Another way is to require a password or 
5 authorization sequence entered either by the user or the 

user terminal program or by a central server via a 
connection to the user s computer. For example, the card 
might be unlocked via an Internet connection to a server. 
Additionally, any of the other methods hereinbefore 
described may be used. 

Note again that the unit may also optionally be 
programmed to erase its contents in response to one or 
several illicit attempts to obtain access or in response to an ~ 
attempt to physically open the unit. 

Further, the microprocessor can readily be 
programmed to log all accesses, typically on the portable 
storage medium or on the server or both. 

Note- that our portable electronic devices comprising 
the above time-lock, authorization-lock or authentication- 
lock, or access logging techniques can also be used for 
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secure delivery of one-time-pads or encryption keys, or 
private data or information, or the like. The other security 
means contemplated for our portable electronic devices may 
also be used in this type of application. Note additionally, 
5 one may provide additional security by spreading the 

information between two portable electronic devices or 
portable storage media in such a way that the contents of 
the two must be combined to give the information; for 
example one may encrypt the contents of one using a one- 
10 time pad stored in the other. The two are then shipped by 

different means or at different times (e.g. the second may ■•- 
optionally be shipped only after the first has been safely 
received). 

Note also that our portable electronic devices may be 
15 implemented in a variety of form factors, including but not 

limited to any black box form factor or computer peripheral 
or computer plugin form factor (including a PCMCIA form 
factor or computer card form factor) or a form factor 
suitable to an ID card or badge or an access card or 
20 transaction card or credit card or the like. 
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There are many ways to connect peripheral devices 
or electronic storage media to a terminal or computer. 
Accordingly, an electronic portable storage medium or a 
portable electronic device, in accordance with the principles 
5 of the invention, may further comprise a PCMCIA interface 

or a serial port or a parallel port or SCSI port or USB 
(Universal Serial Bus) port or "Firewire" port or infrared 
link or radio link or a "memory reader* or any Other port or 
communication means capable of enabling it to pass 
information to and receive information from the user's 
terminal or computer. Preferably, for a portable electronic- 
device or memory medium which communicates with the 
remote terminal via an infrared link or radio link, the 
transmissions between the portable electronic device and the 
remote terminal are encrypted. The processor anuVor logic 
circuitry in the portable electronic device may also optionally 
handle communication with the user's computer or PC 

In another embodiment, the portable electronic 
device may additionally record which identification keys 
20 and/or one-time-pad entries or the like have been previously 
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accessed, hence presumably used; rather than or in addition 
to the user's terminal program or access software 
performing this function. If the portable storage medium is 
rewritable, the identification keys, one-time-pads, and the 
5 like, may be overwritten once used. Alternatively, if the 

portable storage medium is writable, a usage sequence 
number or a usage record, table or list may be kept on the 
portable storage medium. Or a flag bit or field associated 
with the keys that have been used may be set or 
10 overwritten. Alternatively, e.g. if the portable storage 
medium is read-only, the portable storage device may 
further comprise a secondary writable portable storage 
medium, and a usage record, table or list may be kept 
there. This prevents an identification key or one-time-pad 
15 entry or the like from being used more than once. 

Usage records can be alternatively kept in the server 
or host computer. Preferably usage records can be kept in 
both places and any discrepancy between usage records on 
the user's portable storage medium and on the server would 
20 suggest an attempt by a third party to illicitly gain access. 
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Again, such a discrepancy might be indicated by any attempt 
by either the user program or the server to re-use a one- 
time-pad key or one-time-pad entry that has already been 
used with the server or user program respectively. Such a 
5 discrepancy may also be indicated by any attempt to use a 

key or pad entry out-of-sequence or any other "out-of-synch 
episode". 

Anything that suggests an attempt to gain illicit access 
either to the contents of the storage medium or anything 
that suggests an attempt to illicitly gain authorization with 
the server or anything that suggests a "man in the middle '~ 
attack" by either counterfeiting the server to the user or the 
user to the server might be detected either by the portable 
electronic device or user program or by the server. Such 
suggestive incidents include those discussed above: e.g 
repeated incorrect passwords typed in by the user, an 
attempt to access too many keys from the portable storage 
medium, an attempt to use a time-sensitive key at a later 
time, any failure to authenticate the user to the server or 
vice-versa, an attempt by either the alleged user or alleged 
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server to re -use a one-time password or any other "out-of- 
synch" episode, and the like. 

Additionally, any attempt to use a known stolen user 
key or invalid or counterfeit user key suggests an attack, as 
5 does a usage pattern that suggests a user key may be stolen. 

In one implementation, if the incident is detected by 
the portable electronic device or the user program, either or 
both may be programmed to contact or otherwise to notify 
the server. If the incident is detected by the server, the 

10 server may be programmed to contact the portable 

electronic device or user program. 

Procedures for dealing with a suspected attack 
include but are not limited to: blocking access to the 
portable memory medium or portable electronic device for a 

15 set time; disabling access to the portable memory unit or 

portable electronic device or erasing the portable memory 
unit or portable electronic device (especially if the incident 
suggests that the unit or device has been stolen); blocking 
access by that device or unit or user to the server, either for 

20 a set time or until the situation is resolved (e.g. by the 
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server operator); notifying the true user (e.g. by E-mail or 
telephone to the true user); or notifying the server operator. 
These procedures may typically be implemented by 
appropriate programming for the portable electronic 
device s microprocessor and/or in the user program and/or 
in the server(s). 

In another embodiment, the portable electronic 
device comprises a portable storage media, a 
microprocessor, and a modem. The microprocessor may 
handle the authentication protocols with the .server. 
Additionally, the microprocessor may handle all .encryption 
of information transmitted by the remote terminal via the 
modem and all decryption of information received from the 
host computer by the remote terminal via the modem. 
15 Including a modem also allows the microprocessor to be 

programmed to allow the user to conduct stnnd-alone 
transactions via the network and without later downloading 
when the user does not have access to a regular terminal or 
PC. 
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There are a variety of additional techniques and 
embodiments of the present invention that can be 
implemented using a CD-ROM key or any portable storage 
medium key or a portable electronic device key, per above. 

For example, in another embodiment of the present 
invention, the host computer (server) may request an 
identification key from a random location on the user's CD- 
ROM or portable storage medium. The remote terminal 
or portable electronic device would read the identification 
key from the appropriate location in the memory medium 
and it would be transmitted to the host computer. 

The present security system, in a most preferred 
embodiment, entails the use of a "double-sided" key 
technique comprising the use of separate entrance and exit 
keys at the beginning and end respectively of the 
communication session. In this method, the remote 
terminal program (or portable electronic device) transmits 
an identification key to the host computer (server) at the 
beginning of the communication session, thereby 
authenticating itself to gain access. The remote terminal 
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(or portable electronic device) transmits a second 
identification key to the server a. .he end of the 
communication session; tvpicahv, this can he used to validate 
■he session. For example, the server is programmed such 
■ha. i. win not process ,he information transmitted unless 
both identification keys are correct; e.g. jn a , riln ,, c ,, m 
astern, the user transactions wou.d he received hy the 
server during the session, bu, not accepted or validated or 
processed unless or ami. a valid exit key is received at the 
end of the session. Thus, the firs, key funcion, ,., ,„,„, 
provisional access; ,he second key functions ,., provide , hc 
final authorization for the transactions. 

In order to authenticate the server „, , hc u „ cr -., 
.ermina, program (or portable electronic device, the server 
would transmit to the user separate entrance and exit keys 
in a directly analogous manner; one would typicnllv then 
have an exchange of identification keys between the user 
program and the server a, both the beginning and the end 
of the communication session. Additionally, the 
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identification keys may be time-dependent, e.g. using the 
techniques described hereinabove. 

Authenticating the user and server to each other at 
the beginning and end of the session blocks attempts to 
simply "hijack" the communication session. However, it 
does not block attempts to insert information into or delete 
information from otherwise valid sessions. The use of 
time-dependent identification keys imposes the further 
constraint that any tampering must be done in real time, 
and also blocks attempts to obtain valid entrance and exit 
keys, e.g. by using "man in the middle" techniques, and use 
them later. Thus authentication means to authenticate the 
entire session, or at least authenticate critical portions of the 
session, such as transaction information or transaction 
requests should always be included for maximizing security. 

To authenticate a session or the critical portions 
thereof, the session or critical portions thereof may be 
encrypted. An unbroken encryption technique will serve to 
authenticate the encrypted messages or information. Thus, 
20 for example, encrypting the critical portions of the session 
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using a one-time-pad stored on the norm hi . 

on tne portable storage medium 

key and in the central server will authenticate that 
information. 

Mother technique to authenticate a session „ r thc 
critica, portions thereof is to alcul3te one „ ^ ^ 

sums or check-functions (hereinafter ca„ed check-functions) 
using means whereby ft is (a) difficult or impossible to 
counterfeit the check-functions, and (b) difficult or . 
impossible to fabricate spurious messages with , he same 
check-function(s) as intercepted .egitimate messages. 

With the doubie-sided key technique, such check- 
functions can be included in or combined with ,hc above- 
discussed, end-of-session key. The end-of-session key wi„ 
no, on,y authenticate the user or server but it wi„ also 
authenticate the content of the session. For example, if 
•he check-fu„c,ion(s) from the user to the server include the 
transaction information from the user, it authenticates thn, 
transaction information; if if includes the relevant messages 
from the server .as we,., it authenticates those as we.,: thus 
confirming that the user received the 
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server. Moreover, if the check-function includes the entire 
session, it authenticates the entire session. If the check- 
function(s) include time-of-day information, either for the 
communication session or for individual messages, it 
authenticates that time-of-day information as well. 

It is preferable to combine the check-function(s) with 
the end-of-session key using a combining function that has 
good "diffusion", so that an attacker cannot separate the 
check-functions from the end-of-session key and attack them 
separately. Note, for example, that simply adding (without 
carries or with) the check-function to the end-of-session key 
cannot be reversed by an attacker if the latter is from a 
one-time key-pad. Other techniques include convolution or 
encrypting the combination of the two, using an encryption 
algorithm with good diffusion. 

It is preferable that the combining function(s) have 
good "diffusion" so that it is not possible for an attacker to 
discover that some bits involve only the password, some bits 
involve only the checksum(s) and some bits only involve the 
time-of-day information; a combining function with good 
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diffusion helps scramble then, all together. Good diffusion 
may be achieved by simply adding the check-sums or 
functions ,o par, or all of the exit signature, or convolve 
them or use other algorithms that mix the information. 
Ye, another means would be to encrypt the two ,„ sether 
with an encryption function that has- good diffusion. 

There are many different ways ,„ calculate check- 
functions that are difficult to counterfeit and where spurious 
messages with given check-functions are also difficult to 
counterfeit, or equivalent,* spurious messages with the same 
check-functions as an intercepted message are difficult to 
counterfeit. For example, one may assign different pans or 
characters or pieces of the transmission different weights: 
e-g. depending on a key or random number from our 
portable storage medium or from the server. 

There are various ways «o combine a weigh, function 
with the messages or portion, thereof; one way is ,„ binary 
add without carrying on a bit-by-bi, basis: ano.her way 
group and multiply or group and add. typically throwing 
away the higher-order bits. One then typically sums the 
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results of these operations. The checksum or check function 
typically would either be that sum, or, preferably, the lower- 
order digits or bits of that sum. 

In addition or alternatively, one may use changing, 
unique, or one-time weight functions. For example, one 
may have a region of the user's one-time-pad (or a separate 
pad) set aside for use as a weight function, and vary the 
starting point, or the order in which the entries are taken, 
or both from session to session. One way of doing so is to 
have the starting point or order or both depend upon a 
number taken from a one-time-pad or provided by the 
server or user program or calculated from time-of-day 
information, etc. Since there are NI orderings for a set, the 
same pad can (optionally) be re-used at little risk (especially 
if only the lower-order bits of the sum are used, per above). 
Yet another way to calculate a checkfunction is to encrypt 
the message(s) locally, then calculate the checkfunction on 
the encrypted messages. 

Alternatively or in addition, the checksum or check- 
function may be combined with or include time-of-day 
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information or (better) a function computed from time-of- 
day information. 

The double-sided key or password technique of the 
invention can use keys or passwords from our portable 
5 storage medium, or from an algorithm or from a string sent 

out by the server, or by any other means of generating 
passwords. For example, the double-sided keys could be 
implemented by a unique algorithm for each user:, for 
example, by encrypting the time-of-day with a key unique to 
10 each user. 

The second password can come from the same 
database or circuit or algorithm as the first, or from a 
separate database or circuit or algorithm than the first. 
Note.also that we can use two or more passwords, either 
from a single portable storage medium, database, circuit or 
algorithm, or from two or more algorithms, or two or more 
circuits or ICs, 

Alternatively, in lieu of a second key or password, the 
key or password is divided; one part is sent at the beginning 
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of the session and the second part is sent at the end of the 
session. 

The double-sided key technique conserves keys and 
therefore is particularly suitable for implementations of the 
new security system invention using semiconductor memory 
keys or portable electronic device keys with semiconductor 
memories, and for other implementations of the invention 
using portable memory media of limited capacity. 

We further contemplate user authentication and/or 
encryption means comprising more than one portable 
electronic device and/or portable storage medium, or, when 
possible, optionally using a single portable electronic device 
or portable storage medium to achieve the same ends . As 
described above, one implementation of our portable means 
to provide separate entrance and exit keys is to have two 
separate circuits or portable storage media or portable 
electronic devices; one for the entrance key, a second for 
the exit key, with both packaged together, e.g. in the same 
card-like configuration. Similarly, in an application like an 
electronic bank card, we may optionally have two or more 
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different chips, circuits, databases or storage media, 
algorithms, or programs; e.g. one that can be accessed bv 
any merchant, and a second that can only be accessed by 
the issuing bank. Analogous applications for this type of 
device in other areas of commerce will be readily apparent. 
There may also optionally be two or more different 
connection means or protocols or keys or passwords or 
algorithms or authentication means, to use or access .either 
or both of the databases or portable storage media, 
algorithms, or programs, chips or circuits. Similarly, the 
microprocessor in the portable electronic device may be 
programmed to provide different access privileges to 
different entities or programs or individuals accessing the 
device; e.g, in a bank card application, only the bank's 
program would be allowed to add funds to the totalis) 
stored in the card; e.g. doing so would require the bank's 
password or passwords for accessing a card or for accessing 
that individual's card, while any merchant to whom the user 
gave his card would be able to deduct. (For portable 
storage media keys or encryption means, the same function 
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would be implemented by an appropriate programming in 
the user terminal program.) Additionally, we previously 
described means for providing different access privileges or 
use privileges to a central server for different users; we 
further contemplate using such means to provide different 
access or use privileges to a user s portable electronic 
device or portable storage medium for different entities or 
programs or different authorized individuals. Note that this 
includes providing access to different services or functions, 
both in the case of the central server and in the case of a 
portable electronic device or portable storage medium. 

As a special case, note that storing different 
passwords in the portable electronic device or portable 
storage medium allows us to provide programming to allow 
different users to access different authentication means or 
keys, different encryption means or keys, different data, 
and/or different functions on the same portable electronic 
device or portable storage medium. 

Additionally, we contemplate the use of two or more 
portable storage media or portable electronic devices in the 
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same unit to allow said unit to be accessed by more than 
one means or to implement different functions. For 
example, it is now possible to buy CD-ROM business cards; 
these are read-only CD-ROM disks that have been trimmed 
to the size and shape of a business card. 

Unfortunately, the prior art does not include writable 
CD-ROMS of this type; when one attempts to trim a 
writable CD-ROM, the two pieces of plastic separate; the 
writable film acts as a parting agent. We have found that it 
is possible to produce writable CD-ROM cards by providing 
clamping means to hold the top and bottom of the disk 
together while cutting off the rest of the disk to leave a 
card-shaped writable CD-ROM. (Note that it is expedient 
to have one clamping surface at least slightly resilient to 
provide an even clamping pressure.) We can then glue or 
fuse the exposed edges together, preferably before releasing 
said clamping means. (When fusing, it is often expedient to 
fuse beyond the writable layer; one way to do this is to use 
a slitting saw tp remove a little bit of the writable layer, for 
example 10 or 20 mils around the outside. Another way is 
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.o. when fusing, deform tne plastic materja| m ^ ^ 
hea, and/or pressure, so as ,o fuse beyond th e outside edge 
of .he writable layer. Note ,ha, if the witable layfir ^ 

break up and en.er .he fused region, one s.i., obtains fusion 
be«ween islands of the wri[abie Iayer ) Sa;d ^ 

ROM cards can be used as our portable storage media, as 
previousiy described for writable CD-ROMs. We further 
contemplate optional* embedding a portable electronic 
device, preferab.y in IC form, in the unused area Qf ^ 
card or attaching it to th e surface of said card, preferaWy 
on .he .op or unused surface. The resulting device can be 
read either by a CD-ROM drive or by electronic means. 
We fur,her con.emplale optionally mcluding magnetic 
storage media, .ypica.ly on .he unused ends of .he card; the 
resultant device can then also be read by magnetic means. 
We further con.empla.e optiomtily providing the equivalent 
of a one or two-dimensional bar-code pa,.ern, Vpi ca„y again 
on me unused ends of ,he card. Said pattern may either 
be primed or may be implemented using ,he wmable CD- 
ROM ma.erial; .he la.ter may optionally be done in a 
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recording CD-ROM drive. Note further that the two or 
more different storage means can store the same or 

different information to implement the same or different 

functions. . 

In addition,. any of the techniques to detect and foil 
an illicit attack, including attempts to break into the system 
or steal identification keys or hijack a communication session 
may be combined with a program to create an entrapment 
session to keep the attacker or intruder linked or on the 
line to allow his call to be traced with a view to identifying^ 
or apprehending him. The entrapment session might also 
include programming to elicit additional information from 
the attacker or intruder or his computer or from servers 
along the way. . 

Additionally, any of the portable storage means of 
the present invention, including portable electronic devices, 
might also comprise programming to plant a "cookie" or 
information packet or a covert program or "identification 
virus". on an attacker's computer to facilitate subsequent 
identification of the attacker or at least of the computer he 
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or she used. The cookie or covert program would be 
planted upon detection of an illicit attack by any of the 
means described above. Such programming may be a part 
of any user terminal program or user access program on the 
5 portable storage means or needed to run the portable 

storage means; it may also be a part of any software drivers 
needed to access same, or of any other user program 
included on or with our system. (The only function of the 
"identification virus" is detection and identification of 

10 attackers; it is a totally benign virus. It should be 

programmed to be non-executing unless queried or 
activated, e.g. by a server,) 

Alternatively, upon detection of an illicit attack, the 
server will plant the cookie or covert program in the 

15 attacker's computer, using means well-known to those skilled 

in the art (conventional cookies are normally planted by 
central servers and not by programming on the user's 
computer). 

Alternatively, a service provider's computer may be 
20 programmed to plant such a cookie or covert program upon 
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attacker s session, plus other sessions immediately after (e.g. 
in case the attacker uses the legitimate user's machine for 
something else; e.g. to send an E-mail.) 

A particular advantage of the "identification virus" 
5 approach is that it is typically attached to an existing 

program and is not detectable as a separate file. 
Similarly, the tracer cookie of the invention might be 
appended to an existing cookie. Alternatively, other means 
to hide the covert program or cookie or the like may be 
10 used; these include but are not limited to creating one or 

more hidden files, masquerading as a system or application 
file, marking it's block on the disk as "unusable" (and 
reversing same when one attempts to read it) and the like. 
A virus might be non-executing unless queried or except 
15 under other restricted circumstances. 

Additionally, such "cookies" or markers or programs 
could be planted in any of the intermediate servers or 
machines, along the way; for example, this would allow the 
maintainers or operators of the servers to notify an Internet 
20 service provider that the service is being attacked. 

87 



WO 00/56009 



PCT/US00/07174 



We further contemplate encrypted networks or 
adding encrypted network functionality to existing networks 
or to conventional networks. Thus, authentication and 
encryption means such as those discussed hereinbefore can 
5 be implemented between servers or routers or switches as 

well as between users and servers. They may also be 
implemented between private or corporate WANs or other 
relatively secure networks, when messages must be. passed 
over an insecure network, such as the Internet, For 

10 example, a message may be unencrypted (or lightly 

encrypted) between the WAN users and their WAN servers, 
with the servers handling the encryption/decryption function 
for communication over the Internet between the servers. 
We also contemplate encrypted networks (or 

15 encrypted network functionality) wherein the network servers 

or routers or switches comprise programming and/or 
auxiliary processors and/or hardware means to translate 
between one user's encryption and another's. This 
encryption translation function can also be implemented on 

20 a central server connected to the network, or on any 
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computer connected to the network and accessible to the 
users who wish to communicate, or on an auxiliary processor 
or hardware connected to said server or computer, or in our 
portable electronic devices or in stationary versions of same 
5 or plugin versions of same. This encryption translation 

technique enables any two users to communicate without... 
knowing each other's encryption means or keys; this avoids 
the need for each user to know every other user's . 
encryption means or keys, which quickly becomes both 
10 cumbersome and, for most cryptosystems, insecure as well. ^ 

For example, we contemplate one-time-pad encrypted 
networks wherein the central servers or routers or switches 
comprise means to translate between any user's 
one-time-pad and any other user's one-time-pad. One way 
15 to do this is for the server to use the first user's 

one-time-pad to decrypt the message, and then use the 
second user's one-time-pad to re-encrypt the message. A 
second way to do this is to first calculate a "translation pad" 
from the two users' one-time-pads and then use the 
20 translation pad to translate the message from one user's 
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one-time-pad to the other user's one-time-pad. The second 
approach has two advantages. First, the message never 
exists in decrypted form in the central server or router or 
switch. Second, the translation pad can be calculated by an 
5 utterly secure "pad server", then supplied to the network 

server or router or switch to translate the message between 
the two pads. This means that the message is never in a 
network server that also has the information required to 
decrypt it. 

10 Similarly, for other encryption means, the translation ^ 

processor may either (a) decrypt one user s message, then 
re-encrypt it using the other user's encryption me;ins. or. 
alternatively (b) generate a translation function or algorithm 
between the two users' encryptions. The second approach 

15 again has the advantage that the message never exists in 

decrypted form while being translated. Similarly, the 
translation algorithm, function, or key or the translation 
function itself may be calculated or performed in a secure 
translation server connected to the network server. 
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In addition, it is desirable to avoid the need for each 
network server or router or switch to know every user's 
encryption means or keys. Therefore, we contemplate 
networks wherein the network servers or routers or switches 
comprise means to translate between each of their user's 
encryption means and "trunk" encryption means for 
communicating with other servers. Thus, when a first user 
served by a first network server communicates with a second 
user served by a second network server, the . first network 
server translates from the first user's encryption means or 
key to an intermediate encryption means or a "trunk" 
encryption means or key which the second network server 
translates to the second user's encryption means or key. 

Implementing this with one-time-pad systems entails 
15 translation means directly analogous to those described for 

translating between two users directly; the main difference is 
an extra translation step. 

In addition, we contemplate encrypted networks 
wherein the network servers or routers or switches comprise 
20 means to send the same encryption means or keys to any 
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two users who wish to communicate. The encryption 
means or key or keys may be sent as part of the call setup 
or link initiation, or it may sometimes optionally be sent 
ahead-of-time in anticipation of being needed. Typically, 
5 the encryption means or key would itself be encrypted, e.g. 

using each user's encryption means. If the two users are 
on secure networks (e.g. a corporate WAN) connected via 
an insecure network such as the Internet, the encryption 
means would be encrypted when being passed over the 

10 insecure network, but might even optionally be unencrypted 

when being passed over the secure networks to the users. 
Note, however, that the secure network may include its own 
encryption, in which case one may optionally translate to 
that network s encryption. 

15 More often, each user program or portable storage 

medium or portable electronic device will comprise 
encryption means or keys known to its network .server or 
central server, which will use said user's encryption means or 
keys to encrypt the means or keys for communicating with 
20 the other user. Again, the information would most often 
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be passed as part of the call setup or link initiation process; 
if further keys are needed, they might be transmitted during 
the session. 

For example, in a one-time-pad system, each user's 
server may use that user's one-time-pad to encrypt a new, 
shorter one-time-pad that is sent to both users and used to 
communicate between the two. As each one-time-pad 
entry can be used to communicate a single one-time-pad 
entry, one is effectively turning a portion of each user's 
one-time-pad into a small one-time-pad common to the two 
users for communication between the two users. 
Alternatively, the one-time-pad entries can be conserved by 
using each of them to transmit a single key to be used in 
one of the conventional mathematical encryption means for 
15 a subset of the session or for the duration of the session. 

Further, for small numbers of users, or for 
demonstration purposes, it is feasible to provide each user 
with a custom CD-ROM or other portable storage means 
comprising different tracks or storage areas, each comprising 
encryption means or keys for one of the other users. For 
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example, in a one-time-pad system, each user may be issued 
a CD-ROM disk with tracks or storage areas comprising 
different one-time-subpads for each of the other users. 
Preferably, in all cases user "A's track or pad for user "B" is 
5 the same as user "B's:" track or pad for user "A" and is 

different from all other tracks or pad on all of the disks. 

Note also that this technique can be extended to a 
moderate number of users, e.g. if the one-time-pad entries 
are conserved by using each of them to transmit a .single 

10 key to be used in one of the conventional mathematical 

encryption means for a subset of a communication session 
or for the duration of a communication session. 

Finally, we also contemplate translating 
authentications and authentication messages between users 

15 as well, typically by means analogous to the means described 

above for translating messages between different users" 
encryption systems. For example, if each user has a 
one-time-pad of authentication keys, the central translation 
program or means might translate each user's authentication 

20 into the next entry on the other user s authentication pad. 
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Similarly, any of our means for authenticating a user to a 
central server can be used to authenticate two or more 
users connected to said central server, e.g. when the users 
are authenticated to the central server, the central server 
5 sends an authentication message for each user to the other 

user's terminal programs. Similarly, when we use the 
central server or other processor or hardware to translate 
messages between individual users' encryption means, we 
also optionally contemplate appending or including an 
10 authentication message or the translated authentications. 

Finally, we contemplated authentication means where the 
user programs authenticate themselves to the central sever 
by using a key or encryption means unique to the user to 
encrypt the user's claimed identity or other identification 
15 message along with a variable padding, such as a random 

padding or a predictably varying padding, such as the date 
and time. One way of translating these authentication 
means between users is to simply translate the encryption 
means, e.g. by the means described previously. 
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It is also desirable to use conventional encryption 
means or one-time-pad encryption means or other 
encryption means to transmit pictures. However, a picture 
can use up one-time-pad entries quickly. There are several 
5 ways to deal with this. One way is to conserve the 

one-time-pad entries, again, by using each of them to 
transmit a single key to be used in one of the conventional 
mathematical encryption means for a subset of a picture or 
for one or more pictures. Another way is to compress the 
10 picture before encrypting it, e.g. with a one-time-pad: digital 

compression tends also to remove redundant information, 
thereby making unauthorized decryption more difficult. 

A second class of techniques is the digital analog of 
shredding the picture or painting over it with random 
15 splatters of paint. One "shredding" technique is to divide 

the picture into small squares or hexagons or other small 
groups of pixels and use a series of random or quasirandom 
numbers to scramble their positions and optionally to 
randomize their orientations. For example, if a picture is 
20 divided into 100 by 100 small squares, there are 10.000 
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squares in all; approximately 13 binary bits are needed to 
assign each square a random or quasi-random position 
within the 100 by 100 array, and another 2 bits may 
optionally be used to pick one of (4) random orientations. 

5 The total is 17 bits per square or 170,000 bits in all or 

21,000 bytes of random or quasi-random numbers to digitally 
shred (and unshred) one picture. 

Those random or quasi random numbers can come 
from one of our one-time-pads. Alternatively, one of our 

10 one-time-pad entries or some other encryption means can "~ 

be used to transmit a "seed value" for a random-number- 
generator algorithm or other position-scrambling algorithm. 
If the one-time-pad is used, 21,000 bytes per picture means 
that one 650Mbyte CD-ROM can be used to shred and 

15 unshred 30,500 pictures. 

A functionally similar positional scrambling technique 
is to append to each pixel or block of pixels a number or 
numbers describing it's location in the picture, then encrypt 
said location number, then re-order the pixels or blocks 
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according to their encrypted location numbers. Essentially, 
one is encrypting the locations rather than the signal itself. 

One digital splatter painting technique is to divide the 
picture into small squares or hexagons or other small groups 
5 of pixels and use a series of random or quasirandom 

numbers to randomly add to or change each group s 
chrominance (color) and luminance (brightness). Note that 
one bit can optionally be reserved to randomly invert or not 
invert either the brightness or any of the colors. The 
10 bits-per-picture calculations are similar, and the random or - 

quasi-random numbers can come from a one-time-pad or 
random-number- generator algorithm or other color 
scrambling algorithm in a directly analogous manner the 
digital shredding technique. 
15 Note that one may also apply an invertible smoothing 

or smear function either to the digitally scrambled or 
digitally splattered picture on the one hand or to the 
scramble function or splatter function on the other. This 
will hamper any attempt at applying computerized 
20 edge-matching algorithms. 
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Analogous techniques may be applied to the 
compressed picture information; again, one has the choice of 
encrypting the picture information or scrambling the 
positional information and, for blocks, scrambling the 
5 orientation. 

It is also desirable to encrypt voice or audio signals, 
e.g. telephone, radio and cellular telephone signals, again 
using our user-unique encryption means. Again, one may 
elect to encrypt the compressed signal to reduce the amount 

10 of encryption needed or to save one-time-pad entries. A* 

digital cellular telephone with a user-unique one-time-pad or 
encryption key pad on a miniature hard-drive is within the 
scope of this invention. Note also that the one-time-pad 
can periodically be "recharged" with new numbers or keys 

15 using means we previously discussed. 

Alternatively or in addition, one can scramble 
sub-blocks or samples in time; equivalently, one may attach 
to each sample or block a number denoting its position in 
the datastream, encrypt said number, then re-order the 

20 samples or blocks according to the encrypted numbers. 
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Alternatively, one can add a random or pseudo-random 
"noise' 1 signal to mask the voice signal. Alternatively, one 
may apply these techniques to the compressed signal or to 
the signal in the frequency domain instead of the 

5 time-domain.. 

It is also desirable to encrypt video signals, e.g. 
television programs, motion pictures, teleconferencing, and 
the like, again using our user-unique encryption means. 
Again, one may elect to encrypt the compressed signal to 

10 reduce the amount of encryption needed or to save 

one-time-pad entries. Alternatively or additionally, one may 
scramble pixels or blocks of pixels in position or orientation, 
as discussed for pictures, or in time (e.g. between frames), 
as discussed for voice signals. Alternatively or additionally, 

15 one can add a random or pseudo-random "noise" signal to 

mask the picture, as previously discussed. Again, one may 
alternatively apply these techniques to the compressed 
signal. 

In addition, since many television programs and 
20 motion pictures are publicly available and not secrets, an 
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encryption or scrambling technique that only degrades the 
quality so that the program or motion picture is 
unwatchable may be sufficient. For example, a single 
one-time-pad entry can be used to seed a pseudo-random 
number generation algorithm used to generate numbers to 
partially or totally scramble or mask or encrypt the picture. 

Finally, our user encryption keys or databases or pads 
of keys or one- time-pads and our associated systems and 
techniques can be used with any conventional means for 
encrypting, scrambling or masking digital picture information, 
or voice or audio or video information or signals. 

The means discussed herein for securing and 
controlling access to a host computer or server or network 
or communication via a network can also be implemented 
on an auxiliary or dedicated processor or computer such as 
a "firewall processor", or on a network processor, rduter, or 
switching system, instead of the host computer or server. 
An auxiliary or dedicated processor or computer eliminates 
the need for the host computer to perform the 
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authentication, decreasing the processing load of the host 
computer. 

The CD-ROM or other portable storage medium or 
portable electronic device can be used to control access to. 
5 through, or under the control of, any stored-program 

processor or computer capable of directly or indirectly 
accessing storage capacity sufficient to hold the requisite 
database of user key codes. Indirect access may comprise 
remote access via a network or may comprise access from 
10 another processor or memory system. 

Note also that the novel techniques herein described 
can be used in applications where the keypad or key data or 
portions thereof are installed or copied onto the Hard disk 
drive of the user's computer or terminal or otherwise stored 
15 or installed on the user's computer or terminal. Our 

techniques can also be used in applications wherein the 
portable electronic device comprises programming means to 
act as a user terminal. 

The invention also encompasses a method to store 
20 secure versions of documents. In this system, documents or 
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files created by a depositor are transmitted within internal 
-or external information network and are recorded in a 
digitally signed and encrypted format. Such data or files or 
documents can be encrypted by either OTP (one time pad) 
5 or other encryption means and recorded on preferably a 

write once read only storage device. Once the data is 
stored in such a "digitally frozen" state, it may never be 
changed or written over; thus it becomes part of a 
permanent record which can be stored in third party 

10 network or storage facility. The data is encoded and 

digitally locked via a digital signature or the like until 
confirmation of the data is needed. The third party storage 
can be located either at one or more remote locations or in 
a secured, "bonded" or controlled facility at a user location. 

15 The date and time of receipt of the data is preferably 

stored with the data. In addition, the storage site preferably 
follows physical security procedures to ensure an 
uncompromised chain of custody of the storage media. 
Once the storage of encrypted documents is completed, they 
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will enable the user to allow confirmation to any authorized 
viewer. 

The keys necessary to access, decript and confirm the 
contents of the data can be held solely by the archive 
5 facility, solely by the depositor, or jointly by both the archive 

facility and the depositor. In this manner, access to the 
data can be controlled as desired. In addition, the keys 
necessary to access, decrypt and confirm the data can be 
delivered to another party. 

10 In the case where both the depositor and the archive 

facility jointly hold the access keys, the archival system can 
require that the two sets of keys be submitted 
simultaneously, or within a predetermined trial period to 
grant access to the data. 

15 The above document archival system can be 

implemented to record a series of communications between 
two users pertaining to, for example, a contract negotiation. 
In this embodiment, each communication in the series is 
stored by the archival facility in a digitally frozen form, e.g., 
20 via a digital signature. In addition, the signatures of some 
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or all of the communications can be verified by the archival 
facility or another verification source. This verification can 
be appended to a final communication which is also digitally 
frozen and stored at the archival facility. 

Access to the data stored by the archival facility of 
any of the above methods can be limited by time of access 
and/or delivery and/or by location of the party requesting 
access or of the archival facility. 

The portable storage media or portable electronic 
device can be programmed with biometric data such as 
fingerprint or eye retina scan or voice confirmation data to 
control access to and to confirm ownership. The device to 
which the portable storage media or the portable electronic 
device is attached can have programming and sensors to 
15 detect such biometric data. The Portable electronic device 

itself can include such sensors. 

It will also readily be apparent to those skilled in the 
art that the means described herein for providing secure 
access to a host computer or server or to databases or 
transaction processing systems implemented on same can 
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also be used to control access to other computers, or to 
networks, or to databases or transaction processing systems 
or other programs or information functions implemented on 
or accessed through same. The read-write portion or write- 
5 once read-many portion would typically contain the unique 

user access key codes and unique user encryption keys 
(when used) and any other information unique to the 
particular user. 

In a CD-ROM implementation, the rend-only portion 

10 of the users' disks could be imprinted quickly and 

economically by pressing. The individualized portion, 
typically a write-once, read-many portion, would then be 
quickly recorded on an appropriate recording CD-ROM 
drive. This approach may prove advantageous in a variety 

15 of high-volume applications. 

Although the foregoing description has been given by 
way of preferred embodiments, it will be understood by 
those skilled in the art that other forms of the invention 
falling within the ambit of the following claims is 
20 contemplated. Accordingly, reference should be made to 



WO 00/56009 PCT/US00/07 1 74 



the following claims in determining the full scope of the 
invention. 
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We claim: 

j l. A method of providing user identification and 

2 authentication using ultra long identification key codes 

3 and/or ultra large databases of identification key codes in a 

4 manner providing secure access from a remote computer 

5 terminal to a database or server transaction program, stored 

6 on a host computer, comprising the steps of: 

7 (a) utilizing key generation algorithms and/or 

8 hardware to generate individual, class specific, or both user 

9 access key codes which may optionally contain individual 
10 encryption keys; 

n (b) utilizing key generation algorithms to generate 

12 one or more media access codes: 

j 3 ( C ) creating a database or otherwise updating an 

14 existing database comprising a compilation of each of said 

15 individualized and class specific user access key codes which 

16 have been generated for predetermined authorized users of 

17 the server transaction program: 
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lg (<j) recording, on separate individual portable 

19 storage media directly compatible with and readily insertable 

20 and removable from said remote computer terminal, each of 

21 said individualized and class specified user access key codes, 

22 along with the optional individual encryption keys, and the 

23 media access codes; 

24 ( e ) loading or providing the server serving as the 

25 host computer with a complete registry or compilation of 

26 each individualized and class specified access key code and 

27 any optional individual encryption keys which have been 

28 generated by the key generation algorithms; 

29 (f) providing each authorized user with said 

30 portable storage medium containing the authorized user's 

31 individual or class specified access key code or key codes; 

32 (g) providing the server with computer 

33 programming including steps for comparing individual and 

34 class specified access key codes transmitted over telephone 

35 networks or communication networks from a user's remote 

36 computer terminal against the stored compilation of 

37 authorized access key codes and permitting correct matches 
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38 to have access to said server transaction program while 

39 denying access to unauthorized access key codes; 

40 (h) providing users' remote computer terminals 

41 with programming including the steps for comparing media 

42 access codes entered by the user against media access codes 

43 stored on the portable storage medium and permitting 

44 correct matches to have access to the individual or class 

45 specified access key codes stored on the portable storage 

46 medium; 

47 (i) providing users' remote computer terminals 

48 with programming to permit connection to said server 

49 through a communication network or telephone network and 

50 to transmit individual and class specific access key codes 

51 through said remote computer terminal utilizing readers for 

52 the portable storage medium to said server for the purposes 

53 of gaining access to said server transaction database: and 

54 (j) conducting a communications session between 

55 the user's remote computer terminal and said server 

56 transaction program through said telephone or 

57 communication network. 

110 



WO 00/56009 



PCT/US00/07174 



1 2. A method of providing user identification and 

2 authentication using ultra long identification key codes 

3 and/or ultra large databases of identification key codes in a 

4 manner providing secure access from a remote computer 

5 terminal to a database or server transaction program stored 

6 on a host computer, comprising the steps of: 

7 (a) utilizing key generation algorithms to generate 

8 individual, class specific, or both user key codes which may 

9 optionally contain individual encryption keys; 

10 (b) creating a database or otherwise updating an 

11 existing database comprising a compilation of each of the 

12 access key codes which have been generated for predeter- 

13 mined authorized users of the server transaction program; 

14 (c) recording, on separate individual portable 

15 storage media directly compatible with and readily insertable 

16 and removable from said remote computer terminal, each of 

17 said individualized and class specified user access key codes 

18 along with the optional individual encryption keys; - 
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19 ( d ) loading or providing the server serving as the 

20 host computer with a complete registry or compilation of 

21 each individualized and class specified access key code and 

22 any optional individual encryption keys which have been 

23 generated by the key generation algorithms: 

74 (e) providing each authorized user with said 

25 portable storage medium containing the authorized user's 

26 individual or class specified access key code: 

2? (f) providing the server with computer 

28 programming including steps for comparing individual and 

class specified access key codes transmitted over telephone 
networks or communication networks from a user s remote 

31 computer terminal against the stored compilation of 

32 authorized access key codes and permitting correct matches 

33 to have access to said server transaction program while 

34 denying access to unauthorized access key codes: 

35 ( g ) providing users' remote computer terminals 

36 with programming to permit connection to said server 
through a communication network or telephone network and 
to repeatedly or periodically transmit individual and class 
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39 specific access key codes through said remote computer 

40 terminal utilizing readers for the portable storage medium to 

41 said server for the purposes of gaining access to said server 

42 transaction database; and 

43 (h) conducting a communications session between 

44 the user's remote computer terminal and said server 

45 transaction program through said telephone or 

46 communication network. 

1 3. A method of providing user identification and 

2 authentication using ultra long identification key codes 

3 and/or ultra large databases of identification key codes in a 

4 manner providing secure access from a remote computer 

5 terminal to a database or server transaction program stored 

6 on a host computer, comprising the steps of: 

7 (a) utilizing key generation algorithms to generate 

8 individual, class specific, or both user key codes which may 

9 optionally contain individual encryption keys; 

10 (b) creating a database or otherwise updating an 

11 existing database comprising a compilation of each of the 
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12 access key codes which have been generated for predeter- 

13 mined authorized users of the server transaction program; 

14 (c) recording, on separate individual portable 

15 storage media directly compatible with and readily insenable 

16 and removable from said remote computer terminal, each of 

17 said individualized and class specified user access key codes 

18 along with the optional individual encryption keys: 

19 (d) loading or providing the server serving as the 

20 host computer with a complete registry or compilation of 

21 each individualized and class specified access key code, the 

22 location on the portable storage media where each 

23 individualized and class specified access key code is stored. 

24 and any optional individual encryption keys which have been 

25 generated by the key generation algorithms: 

26 (e) providing each authorized user with said 

27 portable storage medium containing the authorized user's 

28 individual or class specified access key code: 

29 (f) providing the server with computer 

30 programming including steps for 
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31 (') requesting one or more individual and 

32 class specified access key codes from a specific location on 

33 the portable storage media, and 

(ii) comparing individual and class specified 

access key codes transmitted over telephone networks or 
communication networks from a user's remote computer 

37 terminal against the. stored compilation of authorized access 

38 key codes and permitting correct matches to have access to 

39 said server transaction program while denying access to 

40 unauthorized access key codes; 

41 fe) Providing users' remote computer terminals 

42 with programming to permit connection to said server 
through a communication network or telephone network and 
to transmit individual and class specific access key codes 
through said remote computer terminal utilizing readers for 

46 the portable storage medium to said server for the purposes 

47 of gaining access to said server transaction database; 

48 ( h ) conducting a communications session between 

49 the user's remote computer terminal and said server 
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50 transaction program through said telephone or 

51 communication network. 

1 4. A method of providing user identification and 

2 authentication using ultra long identification key codes 

3 and/or ultra large databases of identification key codes in a 

4 manner providing secure access from a remote computer 

5 terminal to a database or server transaction program stored 

6 on a host computer, comprising the steps of: 

7 (a) utilizing key generation algorithms to generate 

8 individual, class specific, or both user key codes which may 

9 optionally contain individual encryption keys: 

10 (b) creating a database or otherwise updating an 

11 existing database comprising a compilation of each of the 

12 access key codes which have been generated for predeter- 

13 mined authorized users of the server transaction program; 

14 (c) recording, on separate individual portable 

15 storage media directly compatible with and readily insertable 

16 and removable from said remote computer terminal, each of 
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17 said individualized and class specified user access key codes 

18 along with the optional individual encryption keys; 

19 (d) loading or providing the server serving as the 

20 host computer with a complete registry or compilation of 

21 each individualized and class specified access key code and 

22 any optional individual encryption keys which have been 

23 generated by the key generation algorithms; 

24 (e) providing each authorized user with said 

25 portable storage medium containing the authorized user's 

26 individual or class specified access key code; 

27 (f) providing the server with computer 

28 programming including steps for comparing individual and 

29 class specified access key codes transmitted over telephone 

30 networks or communication networks from a user's remote 

31 computer terminal against the stored compilation of 

32 authorized access key codes and permitting correct matches 

33 to have access to said server transaction program while 

34 denying access to unauthorized access key codes; 

35 (g) providing users' remote computer terminals 

36 with programming to permit connection to said server 
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37 through a communication network or telephone network and 

38 to transmit individual and class specific access key codes 

39 through said remote computer terminal utilizing readers for 

40 the portable storage medium to said server for the purposes 

41 of gaining access to said server transaction database: 

42 (h) providing users' remote computer terminals 

43 with programming to permit copying of information or one 

44 or more programs from the server or the portable storage 

45 medium to the remote computer terminals: and 

46 (i) conducting a comrnunicaiions session between 

47 the user's remote computer terminal and said server 

48 transaction program through said telephone or 

49 communication network. 

1 5. A method of providing user identification and 

2 authentication as described in claim 2, wherein in said step 

3 of providing users' remote computer with programming, 

4 individual and class specific key codes are transmitted at the 

5 beginning and end of the communications session. 
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1 6. A method of providing user identification and 

2 authentication as described in claim 2, further comprising 

3 the steps of: 

4 (a) counting the information transmitted 

5 from the remote terminal to the server according to a pre- 

6 determined algorithm; 

7 (b) transmitting the count to the server 

8 whenever individual and class specific access key codes are 

9 transmitted to the server. 

1 7. A user identification authentication system 

2 using ultra long identification keys and/or ultra large 

3 databases of identification keys for secure remote computer 

4 terminal access to a host computer comprising: 

5 (a) a host computer having a compiled database 

6 of pre-authorized user access key codes of ultra long length; 

7 (b) a series of individual portable storage media 

8 directly compatible with and readily insertable and 

9 removable from said remote computer terminal, each 
10 containing 
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(i) a unique or class unique access key 

12 code distributed among authorized users of a server 

13 transaction program, and 

14 (ii) one' or more media access codes; 

15 (d) a remote terminal with programing to compare 

16 entered media access codes with the media access codes 

17 stored on the portable storage media and to deny access to 

18 the access key codes stored on the portable storage media 

19 to any unauthorized media access codes but to permit accesj 

20 to any user entering an authorized media access code: 

21 (e) a server with programming to compare 

22 received access key codes with stored authorized access key 

23 codes and to deny access to the server transaction program 

24 to any user transmitting an unauthorized key code but to 

25 permit access to any user transmitting an authorized access 

26 key code; 

27 (f) each of said access key codes being ultra long 

28 and comprising at least 20 characters or digits (requiring 20 

29 or 10 bytes, respectively). 
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7 
8 
9 



1 8. A method to control access to a resource 

2 connected to a network accessible from a plurality of 

3 communication devices, comprising the steps of: 

4 (a) generating a plurality of sets of unique or class 

5 specific key codes, said key codes being ultra-long and/or 

6 said sets of key codes being ultra-large; 
(b) creating a complete key database or otherwise 

updating an existing complete key database comprising a 
compilation of each of said plurality of sets of unique or 

10 class specific key codes; 

11 . ( c > providing a host device with said complete key 

12 database, said host device being connected to said network; 

13 ( d ) recording, on one of said communication 

14 devices or on a unique individual portable storage media 
compatible with one of said communication devices, one of 
said sets of unique or class specific key codes; 

(e) programming said one communication device 
to permit connection to said host device through said 

19 network and to transmit or receive individual or class 

20 specific key codes to or from said host; 
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21 (f) programming said host device to permit 

22 connection to one of said communication devices and to 

23 transmit or receive individual or class specific key codes to 

24 or from said one communication device; 

25 (g) distributing said communication device or said 

26 unique individual portable storage media upon which said 

27 one set of unique or class specific key codes has been 

28 recorded to an authorized user of said resource. 

1 9. The method of claim 8, wherein said keys are 

2 identification keys and further comprising programming said 

3 host device to compare individual or class specific 

4 identification key codes transmitted from said one 

5 communication device against the stored compilation of 

6 identification key codes, and to grant said one 

7 communication device access to said resource if said 

8 transmitted key code matches a key code in said complete 

9 database, while denying such access in the case of an 

10 incorrect match.LThe method of claim 2, wherein said 

11 complete identification key database provided to said host 
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12 device is stored in encrypted form.ILThe method of claim 3, 

13 further comprising programming said host device to employ 

14 a trap door algorithm to compare an identification key 

15 transmitted by said one communication device with an 

16 encrypted identification key provided to said host device. 
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12. A method to control access to a resource accessible 
from a plurality of user devices, comprising the steps of: 

generating a plurality of sets of one or more unique 
or class specific keys, said keys being ultra-long or said 
sets of keys being ultra-large; 

creating a key database comprising a compilation of 
each of said plurality of sets of unique or class specific 
keys ; 

storing said key database on a storage medium con- 
nected to a host, said host including one or more program- 
mable devices ; 

programming a user device to communicate with said 
host and to transmit or receive keys to or from said host; 

programming said host to communicate with said user 
device and to transmit or receive keys to or from said 
user device; and 

distributing one or more sets of user keys to an 
authorized user of said resource, each set of user keys 
comprising one of said sets of unique or class specific 
keys, and said key database including each of said sets of 
user keys; and 

said set of user keys being recorded on a storage 
medium integral or compatible with said user device prior 
to or after distribution of said set of user keys to said 
authorized user. 

13. The method of claim 12, wherein said set of user keys 
is recorded on said storage medium prior to distribution to 
said authorized user. 

14. The method of claim 12, wherein said set of user keys 
is distributed electronically. 

15. The method of claim 13 wherein said storage medium is 
a portable storage media. 
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16. The method of claim 12, further comprising: 

said keys being identification or authentication keys; 

and 

transmitting a key from said set of user keys to said 
host; 

programming said host device to compare ' said trans- 
mitted key against said key database, and denying said 
user device access to said resource if said transmitted 
key does not match a key in said key database. 

17. The method of claim 12, further comprising: 

said keys being identification or authentication keys; 
and 

transmitting a key from said set of user keys -from 
said host to said user device; 

programming said user device to compare said trans- 
mitted key against said set of user keys; and 

terminating a communication session if said "trans- 
mitted key does not match a key in said set of user keys. 

18. The method of claim 16, wherein said set of user keys 
includes a plurality of groups of keys, each group of keys 
providing a different level of access to said resource. 

19. The method of claim 18, wherein information associat- 
ing said groups of keys with said different levels of 
access to said resource is recorded on said storage medium. 

20. The method of claim 18, wherein information associat- 
ing said groups of keys with said different levels of 
access to said resource is recorded on said host. 

21. The method of claim 12, further comprising steps to 
prevent or detect attempted re -use of a key. 
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22. The method of claim 12, wherein said set of user keys 
is a one time pad, each key of said set of user keys being 
used only once; and further comprising steps to prevent or 
detect attempted reuse of a key. 

23. The method of claim 12 further comprising: 

said set of user keys is a one time pad, each key of 
said set of user keys being used only once; 

programming said user device and said host to use keys 
of said set of user keys as seeds for a key generation 
algorithm to generate an encryption key. 

24. The method of claim 12, further comprising: 
programming said user device to encrypt a current time 

and date known to said user device using a key from said 
set of user keys and to transmit said encrypted time and 
date to said host ; and 

programming said host to decrypt said encrypted time 
and date using a key from said set of user keys and to 
deny access to said resource if said decrypted time and 
date is not within a predetermined tolerance of a current 
time and date known to said host. 

25. The method of claim 12, further comprising: 
programming said host device to encrypt a current time 

and date known to said host using a key from said set of 
user keys and to transmit said encrypted time and date to 
said user device; and 

programming said user device to decrypt said encrypted 
time and date using a key from said set of user keys and 
to terminate a communication session if said decrypted 
time and date is not within a predetermined tolerance of 
a current time and date known to said user device. 
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26. The method of claim 21, wherein: 

in* "Vd ^ e : enti0n and ^tection steps comprise p rogr a mra - 
" hOSt ^ to track usage of said 

27. The method of claim 26, further comprising- 
programming said host to provide a pointer to said 

user device to a previously unused key; and 

programming said user device to receive said pointer 
from saxd host, by which said user device can select said 
previously unused key from said set of user keys. 

. "d user 7^ °' ^ " Said o£ 

further comor 1 " COmPr±SeS " id m ^hod 

further composes recording usage of keys on said writable 

sa^d Jser d eth ° d ^ ^ Said St °^ of 

further co C ° mPriSeS Writable — ry, and said method 

further comprises erasing or overwriting used keys of said 
set of user keys. -T < * xu 

30. The method of claim 21, wherein said steps to prevent 

sa r id d atcempced reuse ° f * key ™- 

to J " ^ Sai<J h ° SC WiCh - *^°rithm by which 

keys a previousiy unused key from said set of user 

31. The method of claim 30. wherein said algorithm 
composes selecting a key from said set of user keys 
according to a current time and date. 

32. The method of claim 31, wherein 
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said keys are identif icacion or authentication keys; 

and 

programming said hose to deny access to said resource 
if a time and date associated with a key selected accord- 
ing co said algorithm by said user device is not within 
a predetermined length of time of a time and date of a key 
selected by said host according to said algorithm. 

33. The method of claim 31, wherein 

said keys are identification or authentication keys; 

and 

programming said user device to terminate a communica- 
tion session if a time and date associated with a key 
selected according to said algorithm by said user device 
is not within a predetermined length of time of a time and 
date of a key selected by said host according to said 
algorithm. 

34. The method of claim 31, wherein: 

said keys are identification or authentication keys; 

programming said user device to transmit a current 
time and date known to said user device along with an 
associated key selected from said set of user keys 
according to said algorithm; and 

programming said host to allow access to said resource 
if said time and date transmitted by said user device is 
within a predetermined amount of time of a current time 
and date known to said host, and if said associated key 
transmitted by said user device matches a key stored on 
said host, which stored key is associated with said time 
and date transmitted by said user device. 

35. The method of claim 31, wherein: 

said keys are identification or authentication keys; 
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programming said host to transmit a current tin,. „ 
date known to said host along with an T 
selected from said set of use. Its T *** 
algorithm; and 73 accordln 9 to said 

programming said user device to terminate a ™ 
tion session if ,- • terminate a cotnmunica- 

»°st is n^ within ! h " tr «- 1 «*' said 

within a predetermined amount of ti.. * 
current time and date known to said use devic e ahd • I 
saxd associated key transmitted by said host 1' 
stored on said storage media of sa^ ^r devi \^ 
stored key is associated with said time" T I ' ^ 
mitted by said host. * datS trans ~ 

36. The method of claim 21, wherein: 

said steps to prevent or detect at-t-™- ^ 

-jrs ™: 9 t r - r c v° 

selected by said user device as beiner * 
that said host transm ,., ? 5 P revio "sly used, 

key< h ° St trans ^t another allegedly previously used 

37. The method of claim 21, wherein- 

said steps to prevent or detect attempted reuse of a 
key composes programming said user device to track u 
of said user keys; and ° k USage 

in t h f r ther C ° mprising Programming said host to request 

-vice tr^it ano^er ^1^ ^ ^ ^ ^ 

ner allegedly previously used key. 

38. The method of claim 30, wherein: 
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said steps to prevent or detect attempted reuse of a 
key comprises programming said host to track usage of said 
user keys; and 

further comprising programming said user device to 
request, in the event that said host rejects a key 
selected by said user device as being previously used, 
that said host transmit another allegedly previously used 
key. 

39. The method of claim 30, wherein: 

said steps to prevent or detect attempted reuse of a 
key comprises programming said user device to track usage 
of said user keys ; and 

further comprising programming said host to request, 
in the event that said user device rejects a key selected 
by said host as being previously used, that said user 
device transmit another allegedly previously used key. 

40. The method of claim 12 , wherein: 

said keys are authentication or identification keys; 
programming said host to prevent reuse of a key of said 
set of user keys; 

said user device selects a plurality of keys from said 
set of user keys at random ; 

said user device transmits a first key from said 
plurality of selected keys to said host; and 

if said host rejects said first key, said user device 
transmits a second key from said plurality of selected 
keys to said host . 

41. The method of claim 12, wherein additional or replace- 
ment keys are appended to or written over said set of user 
keys recorded on said storage medium after distribution of 
said set of user keys to said authorized user. 
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42. The method of claim 

. er by r^^,^-- - are generat- 

44. The method of claim ir> , u 

said key database on said s /o' r aa ^ ° f 

ing said keys. medlUm «™Prises encrypt - 

«S. The method of claim is, wherein . 
is compared to an eMrm> 1 , rein said transmitted key 
«ap door algorithm " °" h °" by a 

use" zrzrzszz- * - — « 

w-rein said host identifies ^J^LT^ "T ^ 
sets of user keys is to he used for a^oT^^ 

47. The method of claim i •? u 
connect to said host to «■ ^ ™ St 

keys. St t0 gain access fc o said set of user 

48. The method of claim 12, wherein u 
of user keys are u««h S3ld ke y s of said set 

gorithm. ^ aCC ° rdi ^ to a predetermined al- 

49 . The method of claim a a u 
comprises seiecting a key from ^T" al9 ° rithm 
according to a current time and d ate ' °' k ~ 

a^henltatirtey t^t d" " or 
Prior to heing tranJm^c '° ^ 
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51. The method of claim 50, wherein said transmitted key- 
is encrypted with a selected encryption code selected from 
a database of encryption codes located on said user device 
and located on said host . 

52. The method of claim 51, wherein said selected encryp- 
tion code is selected by said host. 

53. The method of claim 51, where said selected encryption 
code is selected by said user device according to a prede- 
termined algorithm. 

54. The method of claim 50, wherein said transmitted key 
is encrypted with a public key encryption code transmitted 
to said user device from said host . 

55. The method of claim 50, wherein said transmitted key 
is encrypted with an encryption code compiled f rom_ a first 
partial encryption code transmitted to said user device 
from said host and a second partial encryption code stored 
on said user device . 

56.. The method of claim 50, wherein said transmitted key 
is encrypted with a transmitted encryption code transmitted 
from said host, said transmitted encryption code being 
padded by said user device with random, null or nonsense 
prefixes or suffixes prior to encrypting said transmitted 
key. 

57. The method of claim 56 , wherein said transmitted key 
code is padded according to an algorithm specified by said 
host . 

58. The method of claim 50, wherein 
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aMk M " USer deVice «ansmit s a. first identification or 
authentication key to said host, said first transmitted 
identification or authentication k ey being unencrypted or 
relatively lightly encrypted; 

auth^ntf 7" CranSmi " * — «» identification or 

ioentif t " S3id h ° SC ' Said ~~»» transmitted 

identification or authentirat- -,• ™ 1, ^ . 
u- u - aucnentication key being relative^ 

highly encrypted; and e " y 

said host uses said first identification or authen- 
tication key to determine an encryption code to use to 
decrypt and verify said second transmitted identification 
or authentication key. ncirication 

59 The method of claim 17, wherein an identification or 

s^d h n oT ti0n tra —- - -id user devTce L m 

said host is encrypted prior to being transmitted. 

60. The method of claim 59, wherein said transmitted key 
xs encrypted with a selected encryption code selected froT 
a database of encryption codes located on said user device 
and located on said host. 6 

61. The method of claim 60, wherein said selected encryp- 
tion code is selected by said user device. ■ 

«. The method of claim 60, where said selected encryption 
aTgrrirhr 16 "" * ^ ™^ *> * P-detlrlined . 

is 6 ^^ ° f Claim 59 ' ^rein said transmitted key 

! ith a PUbliC encryption code transmitted 

said host from said user device. 

J4. The method of claim 59, wherein said transmitted key 
encrypted with an encryption code compiled from a first 
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partial encryption code transmitted to said host from said 
user device and a second partial encryption code stored on 
said host. 

65. The method of claim 59 , wherein said transmitted key 
is encrypted with a transmitted encryption code transmitted 
from said user device, said transmitted encryption code 
being padded by said host with random, null or nonsense 
prefixes or suffixes prior to encrypting said transmitted 
key. 

66. The method of claim 65, wherein said transmitted key 
code is padded according to an algorithm specified by said 
user device. 

67. The method of claim 59, wherein 

said host transmits a first identification or authen- 
tication key to said user device, said first transmitted 
identification or authentication key being unencrypted or 
relatively lightly encrypted; 

said host transmits a second identification or 
authentication key to said user device, said second 
transmitted identification or authentication key being 
relatively highly encrypted; and 

said user device uses said first identification or 
authentication key to determine an encryption code to use 
to decrypt and verify said second transmitted identifica- 
tion or authentication key. 

68. The method of claim 12, further comprising: 

said keys including identification or authentication 
keys ; 

a first device comprising one of said host or said 
user device; 
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a second device comprising one of said user device or 
said host; 

programming said first device to transmit an initial 
portion of a first identification or authentication key 
from said set of user keys; 

programming said second device to comoare said initial 
Portion of said first- identification or authentication key 
transmuted by said first device with an initial portiol 
of a comparison key recorded on a storage medium of said 
second device; and 

programming said second device to transmit, in the 
event of a correct comparison, an initial portion of a 
second identification or authentication key from said set 
of user keys to said first device. 

69. The method of claim 68, further comprising- 

P^ramming said first device to compare said initial 

IZ T ° f . Said SSCOnd Verification or authentication 
key transmitted by said second device with an initial 
portxon of a comparison key recorded on a storage medium 
of said first device; and 

programming said first device to transmit, in the 
event of a correct comparison, an further portion of said 
f^rst identification or authentication key to said second 
device. 

70... The method of claim 69, further comprising: 

programming said second device to compare said further 
portion of said first identification or authentication key 
transmitted by said first device with a further portion of 
said comparison key recorded on said storage medium of 
said second device; and 

programming said second device to transmit, in the 
event of a correct comparison, a further portion of said 
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second identification or authentication key to said first 
device . 

71. The method of claim 70, further comprising programming 
said first and second devices to repeatedly transmit and 
compare portions of an identification or authentication 
key, until either all portions of said key have been 
transmitted, or an incorrect portion is transmitted. 

72. The method of claim 12, further comprising 

said keys being identification or authentication keys; 

programming said, user device or said host to transmit 
a checksum number related to a selected plurality of keys 
to said host device or user device, respectively. 

73 . The method of claim 72 wherein said selected plurality 
of keys is selected according to a predetermined algorithm. 

74. The method of claim 12, further comprising 
said keys including encryption keys; 

establishing a communication session between said user 
device and said host; and 

encrypting data transmitted between said host and said 
user device using as least one of said keys. 

75. The method of claim 74, wherein an encryption key used 
to encrypt data transmitted between said host and said user 
device is padded with null or nonsense prefixes or suffixes 
chosen according to a predetermined algorithm. 

76. The method of claim 74, wherein said set of user keys 
is a one time pad, each key being used to encrypt a partial 
sequence of said data. 
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77. The method of claim 74 _ uhere . n sa . a 

used once. y are 

78. The method of claim 74 wherein a key of said set of 
user keys is used to encrypt a limits 

of • o ncr VPt a lxmited or partial sequence 

of data an said communication session. 

79 The method of claim 74, wherein a relative strength of 
an encrypt.cn level of said communication sessio 
changed during said communication session. 

80. The method of claim 12, wherein 

a first set of user keys provided to said user beino 
associated with a predetermined resource; and 

said user device not permitting access to said sets of 
user keys other than said first set thereof absent 
authorization from said host. C 

81. The method of claim 12 further comprising a portion of 
S91d rSSOUrce ^ing stored on said user device. 

a 8 t 2 ran?act meth0d ^ ^ Preforming 
a transaction with said user device, and storing informa 
tion associated with said transaction ' 

j-u transaction on said user device. 

83. The method of claim '82, wherein **** - 
i nfnm „.. wnerein said transaction 

saLTsT St0rSd ° n S3id deV±Ce iS — smitted to 

84. The method of claim 16, further comprising 

establishing a communication session between said user 
device and said host; er 
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conducting a transaction process in parallel with and 
at the same time as an identification or authentication 
process . 



85. The method of claim 84, wherein 

during said identification or authentication process, 
said user device transmits a first and a second iden- 
tification or authentication key to said host; 

said host performs a relatively rapid confirmation of 
said first key; 

upon confirmation of said first key, said host allows 
said transaction process to commence; 

said host performs a confirmation of said second key; 

said host terminating said transaction process if said 
second key is not confirmed. 

86. The method of claim 85, wherein said first key is an 
encrypted form of said second key, said second key .being 
encrypted according to a predetermined algorithm. 

87. The method of claim 86, wherein said first and second 
keys are stored on said storage medium. 

88. The method of claim 87, wherein said user device does 
not contain said predetermined encryption algorithm. 

89. The method of claim 85, wherein pending confirmation 
of said second key, said host grants provisional limited 
access to said resource to said one user device. 

90. The method of claim 12, wherein said user device is a 
portable electronic device having a memory and a processor, 
said set of user keys being recorded on said memory. 
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91. The method of claim 90 wherein san H - * 
-corded on said portable electronic T ^ ^ 

— — of r::z y T:;; ; 5 7; is * 8 an 

or greater in si 2e . 5 characte " 

92. The method of claim on * 

l. ■ ' further comprising 

k£ys an d " inClUdin9 "—"-ion or authentication 
said host. ntl ^«txon or authentication Keys Co 

93. The method of claim o n < ... 

sa , H , . aim 90 ' ^rther comprising 

saxd keys including encryption keys; and 
saxd portable electronic device including 
encrypt and decrypt data using said en™^ I "° 
-nsmit and receive encrypted data t^T^X^ 

~onJt^^L:>T 90f where±n said 

- said set J^Z^^--^ — s 

95. The method of claim 12, wherein .... 
includes means to prevent una^ed access 
of user keys -recorded thereon. " id Set 

^t^r^ttia 4 ;^ said means to p ~ 

electronic device 1 ^ reCOrded « Portable 

electronic devi" TZTl ^ " diS3ble P °"*^ 
authored attempts ^X^ST^^-*- 1 ° f 

un"uth::Lrr= d ce o ss o to 1 ;aid 4 ' k " he,rein said " P ™ 
— — ::- r ::^r: :::: ~ 
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eleczronic device if keys are requested faster than a 
predetermined rate. 

98. The method of claim 97, wherein said predetermined 
rate is based on a maximum transmission speed between said 
portable electronic device and said host. 

99. The method of claim 94, wherein: 

said portable electronic device is distributed to said 
authorized user after said set of user keys is recorded 
thereon; and 

said method further comprises activating means to . 
prevent access to said set of user keys stored on said 
portable electronic device during a time when said 
portable electronic device is being distributed to said 
authorized user. 

100 • The method of claim 99, wherein said 

portable electronic device includes a clock and wherein 
said portable electronic device deactivates said means to 
prevent access to said keys at a predetermined time and 
date . 

101. The method of claim 99, wherein said means to prevent 
access to said set of user keys is deactivated only after 
said portable electronic device establishes a communication 
session with an activation host and said activation host 
transmits a deactivation key to said portable electronic 
device . 

102. The method of claim 90, wherein said portable elec- 
tronic device includes means to control the rate of use of 
the keys of said set of user keys stored thereon. 
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103. The mechod of claim 90, wherein said portable elec 
tronic device includes means to monitor usage of keys 
recorded thereon. ys 



104. The method or claim 103, wherein said means to monitor 
usage of keys recorded on said portable electronic dev lce 
comprises wricable memory and programming to track usaalof 
or to erase used keys . 3ge of 

105. The method of claim i ? f,,,-«-u^ 

.... « ... 'ZL^ •STf 

106. The method of claim 105, wherein said marker inol..H 
-formation about said unauthorized user or inflation 

"7 C ° —Prized attempt to aooess s^TnosT 

resource or user device. ost ' 

107. The method of claim ins v,~ 

108. The method of claim 105, further comprising storina 
markers on a Dlurali>v^f « *. g scoring 

attacker durfn 1 * * * Y ^ "authorized . 

attacker during the unauthorized attempt to access said 

host resource or user device whereby a route used ^ sa id 
unauthorized user can be retraced. 

109. The method of claim 105, further comprising 

accesTsa id' °' *" "'tempt to 

authori, H reS ° UrCe ° r US " deVice - -10 un- 

authorized user is connected to a substitute host, which 



141 



WO 00/56009 



PCT/US00/07174 



substitute host establishes a simulated communication 
session with said unauthorized user by simulating access 
to said host, resource or user device to which said 
unauthorized user attempted to gain access; and 

steps to identify and locate said unauthorized user 
during said simulated communication session. 

110. The method of claim 16, further comprising 
establishing a communication session between said user 

device and said host to conduct a transaction; 

said host or said user device transmitting a second 
identification or authentication key to said user device 
or said host, respectively, during or upon termination of 
said communication session. 

111. The method of claim 110, wherein said host or said 
user device transmits a plurality of identification or 
authentication keys to said user device or said -host, 
respectively during a communication session, said transmis- 
sions being made at predetermined points in said communica- 
tion session. 

112. The method of claim 110, wherein said second key is 
transmitted after said transaction is consummated and 
wherein said transaction is held in abeyance until said 
second identification or authentication key is verified. 

113 . The method of claim 110, wherein said second iden- 
tification or authentication key is transmitted by said 
user device or said host upon request of said host or said 
user device, respectively. 

114. The method of claim 110, further comprising transmitt- 
ing a check function related to data transmitted prior to 
said transmission of said second identification or authen- 
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tication key, whereby the integrity of th*> rf*t- a - 
between a UCh e„ tication events 

115. The method of claim -. -> c 

ioq or claim i2 , further comorising 

sa ld keys including encryption keys" 

transmitting data between said user device and ■„ 
host, said transmitted rt»t-» 1Ce and sa id 

video images- -presenting static images or 



video images being altered a :: or p :r ng %:^:re:: r y P :. or 

keys prior to transmission of said data. encr » t *» 

116 . The method of claim n c ^ 

is a one time pad eac ke V of T °" ^ 

used once to encrypt a predet" ^ °* ^ ***** 

encrypt a predetermined amount of data. 

117. The method of claim is ,,v,« • . 

1 lm 16 ' wherein said user device = 

telecommunication device. 1Ce 18 a 

H8. The method of claim 12, f urther comprising 

said keys including encryption keys; 
tran Sa f USer deV±Ce bein * a telecommunication device- 
ahd"^. bStWeen -lecommunication ^ 

values or time locations of said data being altered 
:= t o said encryption keys prior to transmission^ 

119. The method of plain, no u 

c-Laim us, wherein said values of 
transmitted data is a ih Pr ^ u JJ . S ° £ said 

dat* altered by adding random noise to said 

data, saxd random noise being relate • ^ 

keys. 9 related t° said encryption 
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120. The method of claim 118, wherein said values of said 
transmitted data is altered in the frequency domain, said 
alteracions being related to said encryption keys. 

121. A method to control access to a resource accessible 
from a plurality of communication devices, comprising the 
steps of: 

generating a plurality of sets of unique or class 
specific keys, said keys being ultra-long and/or said sets 
of keys being ultra-large; 

programming first and second user devices to permit 
connection to said host device and to transmit or receive 
keys to or from said host; 

programming said host device to permit connection to 
said first and second user devices and to transmit or 
receive keys to or from said first and second user 
devices ; 

distributing first and second sets of user keys to 
first and second authorized users, each set of user keys 
comprising one of said sets of unique or class specific 
keys ; 

said first and second sets of user keys being recorded 
on first and second storage media, respectively, said 
first and second storage media being integral to or 
compatible with said first and second user devices, 
respectively; 

establishing a communication session between said 
first and second user devices through said host; and 

encrypting data transmitted by said first and second 
user devices using said first and second sets of user 
keys , respectively . 

122. The method of claim 121, further comprising: 

creating a key database comprising a compilation of 
said first and second sets of user keys; 
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providing said hose device with said key database; and 
programming said host to decrypt data transmitted from 
said first and second user device using said first or 
second set user keys, respectively, and to encrypt said 
decrypted data using said second or first set of user 
keys, respectively. 

123 . The method of claim 121, further comprising: 

creating a translation key database comprising a set 
of keys suitable to translate data encrypted with said 
first or second set of keys directly to data encrypted 
with said second or first set of keys, respectively 

recording said translation key database on a storage 
medium connected to said host ; and 

programming said host to translate data transmitted 
from said first or second communication device using said 
translation key database. 

124. The method of claim 123 wherein said data is trans- 
lated directly between an encryption for said first or 
second user device into an encryption for said second or 
first user device, respectively, without an. unencrypted 
version of said data existing on said host. 

125. The method of claim 121 further comprising: 

programming said host to create a translation key 
suitable to translate data encrypted with a key from said 
first or second set of user keys directly to data encrypt- 
ed with a key from said" second or first set of user keys 
respectively; 

programming said host to translate data transmitted 
from said first or second communication device using said 
translation key. 
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126. The method of claim 125 wherein said translation key 
is created during or immediately prior to said communica- 
tion session. 



127. The method of claim 121 further comprising: 

programming said host with a translation function to 
translate data encrypted with a key from said set of user 
Beyscefdsnddtlyxlsfc <±a±:a6<£OTn^^ a key from said set 

of user keys of said second or first user device, respec- 
tively 

said translation function using a key from each of 
said sets of user keys of said first and second user 
devices . 

128. A method to control access to a resource accessible 
from a plurality of communication devices, comprising the 
steps of: 

generating a plurality of sets of unique or . class 
specific keys, said keys being ultra-long and/or said sets 
of keys being ultra-large; 

programming first and second user devices to permit 
connection to said host device and to transmit or receive 
individual or class specific keys to or from said host; 

programming said host device to permit connection to 
said first and second user devices and to transmit or 
receive individual or class specific keys to or from said 
first and second user devices; 

establishing a communication session between said 
first and second user devices; 

said host transmitting a common set of keys to said 
first and second communication devices, said common set of 
keys comprising a set of said unique or class specific 
keys ; and 

encrypting data transmitted by said first and second 
user devices using said common set keys . 
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129. The method of claim 128, further comprising: 

recording, on a first user device, a first set of user 
keys comprising a set of said individual or class specific 

recording, on a second user device, a second set of 

sZ- f , C ° mPriSing 3 ° f Sa±d -dividual or class 

specific keys; 

said common set of kevs i <=>n^,,~*. j 

Keys 13 en crypted using said first 
and second sets of user kevs r>r-irv- «- • 

er Kevs Prior to transmission to said 
first and second user devices, respectively. 

^130. The method of claim 129 wherein said first and second 
user devices are distributed to said first and second 
users, respectively. 

131. A portable electronic device, comprising: 
a storage medium 
a processor 

da t k da ' abaSS ° f Unigue or specific keys, said 

database being ultra-large or said keys being ultra-long; 

means to connect said portable electronic device to an 
external resource. 

132. A portable electronic device as in claim 131. wherein 
length ^ ~* " Characters « Sweater in 

col 3 '- AP ° r ? ble eleCtTOniC devi - - ^ claim 131, further 
compr^ng first and second means to connect to first and 

second. external resources, respectively. 

134. a portable electronic device as in claim 133, further 
comprising first and second processors, said first and 
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second processors being connected to said first and second 
means to connect to first and second external resources, 
respectively. 

135. A portable electronic device as in claim 134, wherein 
said first means to connect to an external resources 
further comprises means to interface with a media reader of 
a first type and wherein said second means to connect to an 
external resources further comprises means to interface 
with a media reader of a second type, different than said 
first type of media reader. 

136. A portable electronic device as in claim 134, wherein 
said first and second processors are connected to said 
storage medium. 

137. A portable electronic device as in claim 133, wherein 
said first and second means to connect to said first and 
second external resources further comprises first and 
second electronic circuits. 

138. A portable electronic device as in claim 133, wherein 
said first and second means to connect to said first and 
second external resources further comprises first and 
second databases recorded on said storage medium, 

139. A portable electronic device as in claim 133, wherein 
said first and second means to connect to said first and 
second external resources further comprises first and 
second storage media. 

140. A portable electronic device as in claim 133, wherein 
said first and second means to connect to said first and 
second external resources further comprises said portable 
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electronic device being program wich first Md s 
rdentrf nation or authentication algorithms. 

141 A portable electronic device as in claim 133. wherein 
said first and second mean*: rein 

v-ona means to connect to said first 3 nH 
second external resources further comprises said Portable 
electronic device being programmed with first and se^nd 
communication protocols. second 
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